lib/promauth: properly set up client certificate in tls.Config

Previously the client certificate has been mistakenly set up as a server certificate
This commit is contained in:
Aliaksandr Valialkin 2020-05-04 20:08:52 +03:00
parent ed91fe1d9b
commit 28e0e8fd88

View File

@ -69,7 +69,9 @@ func (ac *Config) NewTLSConfig() *tls.Config {
ClientSessionCache: tls.NewLRUClientSessionCache(0), ClientSessionCache: tls.NewLRUClientSessionCache(0),
} }
if ac.TLSCertificate != nil { if ac.TLSCertificate != nil {
tlsCfg.Certificates = []tls.Certificate{*ac.TLSCertificate} tlsCfg.GetClientCertificate = func(*tls.CertificateRequestInfo) (*tls.Certificate, error) {
return ac.TLSCertificate, nil
}
} }
tlsCfg.ServerName = ac.TLSServerName tlsCfg.ServerName = ac.TLSServerName
tlsCfg.InsecureSkipVerify = ac.TLSInsecureSkipVerify tlsCfg.InsecureSkipVerify = ac.TLSInsecureSkipVerify