代码拉取完成,页面将自动刷新
package sqlstore
import (
"crypto/tls"
"crypto/x509"
"fmt"
"io/ioutil"
)
func makeCert(tlsPoolName string, config DatabaseConfig) (*tls.Config, error) {
rootCertPool := x509.NewCertPool()
pem, err := ioutil.ReadFile(config.CaCertPath)
if err != nil {
return nil, fmt.Errorf("Could not read DB CA Cert path: %v", config.CaCertPath)
}
if ok := rootCertPool.AppendCertsFromPEM(pem); !ok {
return nil, err
}
clientCert := make([]tls.Certificate, 0, 1)
if config.ClientCertPath != "" && config.ClientKeyPath != "" {
certs, err := tls.LoadX509KeyPair(config.ClientCertPath, config.ClientKeyPath)
if err != nil {
return nil, err
}
clientCert = append(clientCert, certs)
}
tlsConfig := &tls.Config{
RootCAs: rootCertPool,
Certificates: clientCert,
}
tlsConfig.ServerName = config.ServerCertName
if config.SslMode == "skip-verify" {
tlsConfig.InsecureSkipVerify = true
}
// Return more meaningful error before it is too late
if config.ServerCertName == "" && !tlsConfig.InsecureSkipVerify {
return nil, fmt.Errorf("server_cert_name is missing. Consider using ssl_mode = skip-verify.")
}
return tlsConfig, nil
}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。