diff options
| author | Konstantin Lebedev <9497591+kmlebedev@users.noreply.github.com> | 2023-06-05 02:27:56 +0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-06-04 14:27:56 -0700 |
| commit | a0931be0c0d0cbb7ea5fe778ff6279fd603c06b8 (patch) | |
| tree | 2b5598e18ddeab339345de73bbec9f70e305ab1d /weed/security/tls.go | |
| parent | 5aec6da8a3e0f815eff853784d5200c781722a57 (diff) | |
| download | seaweedfs-a0931be0c0d0cbb7ea5fe778ff6279fd603c06b8.tar.xz seaweedfs-a0931be0c0d0cbb7ea5fe778ff6279fd603c06b8.zip | |
S3 TLS credentials Refreshing (#4506)
* S3 TLS credentials Refreshing
* fix: logging
---------
Co-authored-by: Konstantin Lebedev <9497591+kmlebedev@users.noreply.github.co>
Diffstat (limited to 'weed/security/tls.go')
| -rw-r--r-- | weed/security/tls.go | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/weed/security/tls.go b/weed/security/tls.go index d5384fc51..ae6510219 100644 --- a/weed/security/tls.go +++ b/weed/security/tls.go @@ -16,7 +16,7 @@ import ( "google.golang.org/grpc" ) -const credRefreshingInterval = time.Duration(5) * time.Hour +const CredRefreshingInterval = time.Duration(5) * time.Hour type Authenticator struct { AllowedWildcardDomain string @@ -31,7 +31,10 @@ func LoadServerTLS(config *util.ViperProxy, component string) (grpc.ServerOption serverOptions := pemfile.Options{ CertFile: config.GetString(component + ".cert"), KeyFile: config.GetString(component + ".key"), - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, + } + if serverOptions.CertFile == "" || serverOptions.KeyFile == "" { + return nil, nil } serverIdentityProvider, err := pemfile.NewProvider(serverOptions) @@ -42,7 +45,7 @@ func LoadServerTLS(config *util.ViperProxy, component string) (grpc.ServerOption serverRootOptions := pemfile.Options{ RootFile: config.GetString("grpc.ca"), - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, } serverRootProvider, err := pemfile.NewProvider(serverRootOptions) if err != nil { @@ -99,7 +102,7 @@ func LoadClientTLS(config *util.ViperProxy, component string) grpc.DialOption { clientOptions := pemfile.Options{ CertFile: certFileName, KeyFile: keyFileName, - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, } clientProvider, err := pemfile.NewProvider(clientOptions) if err != nil { @@ -108,7 +111,7 @@ func LoadClientTLS(config *util.ViperProxy, component string) grpc.DialOption { } clientRootOptions := pemfile.Options{ RootFile: config.GetString("grpc.ca"), - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, } clientRootProvider, err := pemfile.NewProvider(clientRootOptions) if err != nil { |