d

2023-08-23 16:33:53 +08:00
parent 055ed5eb69
commit cbc33fc928
1 changed files with 31 additions and 0 deletions
--- a/restagent/restagent.go
+++ b/restagent/restagent.go
@@ -1,6 +1,8 @@
 package main

 import (
+	"crypto/tls"
+	"crypto/x509"
 	"fmt"
 	"net"
 	"net/http"
@@ -79,6 +81,35 @@ func HttpListenTLS(addr, certFile, keyFile string, router http.Handler) {
 	}
 }

+func HttpListenConfigTLS(addr, caFile, certFile, keyFile string, router http.Handler) {
+	// 加载根证书
+	caCert, err := os.ReadFile(caFile)
+	if err != nil {
+		log.Fatal(err)
+	}
+	caCertPool := x509.NewCertPool()
+	caCertPool.AppendCertsFromPEM(caCert)
+
+	// 创建自定义的TLS配置
+	tlsConfig := &tls.Config{
+		ClientCAs:  caCertPool,
+		ClientAuth: tls.RequireAndVerifyClientCert,
+	}
+
+	// 创建HTTP服务器
+	server := &http.Server{
+		Addr:      addr,
+		Handler:   router,
+		TLSConfig: tlsConfig,
+	}
+
+	err = server.ListenAndServeTLS(certFile, keyFile)
+	if err != nil {
+		fmt.Println("ListenAndServeTLS err:", err)
+		os.Exit(6)
+	}
+}
+
 func main() {
 	conf := config.GetYamlConfig()