Force clients to have certs

master
Harshavardhana 10 years ago
parent fec80fb1b3
commit 8a4128d304
  1. 11
      pkg/httpserver/tlshelpers.go
  2. 4
      pkg/utils/crypto/signers/signers.go

@ -3,7 +3,7 @@ package httpserver
import "crypto/tls"
func getDefaultTLSConfig() *tls.Config {
config := &tls.Config{}
config := tls.Config{}
//Use only modern ciphers
config.CipherSuites = []uint16{
@ -17,13 +17,8 @@ func getDefaultTLSConfig() *tls.Config {
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
}
//Use only TLS v1.2
config.MinVersion = tls.VersionTLS12
// Ignore client auth for now
config.ClientAuth = tls.NoClientCert
//Don't allow session resumption
config.SessionTicketsDisabled = true
return config
config.ClientAuth = tls.RequireAnyClientCert
return &config
}

@ -33,10 +33,10 @@ package signers
// return true
//}
//
//func GetAccessID() {
//func getAccessID() {
//}
//
//func GetSecretID() {
//func getSecretID() {
//}
//
//// This package implements verification side of Object API Signature request

Loading…
Cancel
Save