diff options
Diffstat (limited to 'weed/security')
| -rw-r--r-- | weed/security/tls.go | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/weed/security/tls.go b/weed/security/tls.go index d5384fc51..ae6510219 100644 --- a/weed/security/tls.go +++ b/weed/security/tls.go @@ -16,7 +16,7 @@ import ( "google.golang.org/grpc" ) -const credRefreshingInterval = time.Duration(5) * time.Hour +const CredRefreshingInterval = time.Duration(5) * time.Hour type Authenticator struct { AllowedWildcardDomain string @@ -31,7 +31,10 @@ func LoadServerTLS(config *util.ViperProxy, component string) (grpc.ServerOption serverOptions := pemfile.Options{ CertFile: config.GetString(component + ".cert"), KeyFile: config.GetString(component + ".key"), - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, + } + if serverOptions.CertFile == "" || serverOptions.KeyFile == "" { + return nil, nil } serverIdentityProvider, err := pemfile.NewProvider(serverOptions) @@ -42,7 +45,7 @@ func LoadServerTLS(config *util.ViperProxy, component string) (grpc.ServerOption serverRootOptions := pemfile.Options{ RootFile: config.GetString("grpc.ca"), - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, } serverRootProvider, err := pemfile.NewProvider(serverRootOptions) if err != nil { @@ -99,7 +102,7 @@ func LoadClientTLS(config *util.ViperProxy, component string) grpc.DialOption { clientOptions := pemfile.Options{ CertFile: certFileName, KeyFile: keyFileName, - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, } clientProvider, err := pemfile.NewProvider(clientOptions) if err != nil { @@ -108,7 +111,7 @@ func LoadClientTLS(config *util.ViperProxy, component string) grpc.DialOption { } clientRootOptions := pemfile.Options{ RootFile: config.GetString("grpc.ca"), - RefreshDuration: credRefreshingInterval, + RefreshDuration: CredRefreshingInterval, } clientRootProvider, err := pemfile.NewProvider(clientRootOptions) if err != nil { |