mirrors/webhook
1
0
Fork 0
mirror of https://github.com/adnanh/webhook.git synced 2025-10-04 13:41:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Reload TLS key pair on HUP signal

Browse source
This commit is contained in:
Cameron Moore 2020-12-27 23:38:13 -06:00
parent 1c72898604
commit 50a690a5e4
No known key found for this signature in database
GPG key ID: AF96E12468D7553E
3 changed files with 34 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
internal/service/security/tls.go
View file

@ -38,6 +38,20 @@ func NewKeyPairReloader(certPath, keyPath string) (*KeyPairReloader, error) {
return res, nil
}
// Reload attempts to reload the TLS key pair.
func (kpr *KeyPairReloader) Reload() error {
cert, err := tls.LoadX509KeyPair(kpr.certPath, kpr.keyPath)
if err != nil {
return err
}
kpr.certMu.Lock()
defer kpr.certMu.Unlock()
kpr.cert = &cert
return nil
}
// GetCertificateFunc provides a function for tls.Config.GetCertificate.
func (kpr *KeyPairReloader) GetCertificateFunc() func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
return func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {