mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2024-01-19 02:48:24 +00:00
comma-separated SSL certificate common names
This commit is contained in:
parent
190fada1ef
commit
0e02f7e258
|
@ -7,7 +7,7 @@ WEED_GRPC_FILER_CERT=/etc/seaweedfs/tls/filer01.crt
|
||||||
WEED_GRPC_FILER_KEY=/etc/seaweedfs/tls/filer01.key
|
WEED_GRPC_FILER_KEY=/etc/seaweedfs/tls/filer01.key
|
||||||
WEED_GRPC_CLIENT_CERT=/etc/seaweedfs/tls/client01.crt
|
WEED_GRPC_CLIENT_CERT=/etc/seaweedfs/tls/client01.crt
|
||||||
WEED_GRPC_CLIENT_KEY=/etc/seaweedfs/tls/client01.key
|
WEED_GRPC_CLIENT_KEY=/etc/seaweedfs/tls/client01.key
|
||||||
WEED_GRPC_MASTER_ALLOWED_COMMONNAMES="volume01 master01 filer01 client01"
|
WEED_GRPC_MASTER_ALLOWED_COMMONNAMES="volume01,master01,filer01,client01"
|
||||||
WEED_GRPC_VOLUME_ALLOWED_COMMONNAMES="volume01 master01 filer01 client01"
|
WEED_GRPC_VOLUME_ALLOWED_COMMONNAMES="volume01,master01,filer01,client01"
|
||||||
WEED_GRPC_FILER_ALLOWED_COMMONNAMES="volume01 master01 filer01 client01"
|
WEED_GRPC_FILER_ALLOWED_COMMONNAMES="volume01,master01,filer01,client01"
|
||||||
WEED_GRPC_CLIENT_ALLOWED_COMMONNAMES="volume01 master01 filer01 client01"
|
WEED_GRPC_CLIENT_ALLOWED_COMMONNAMES="volume01,master01,filer01,client01"
|
|
@ -10,6 +10,7 @@ import (
|
||||||
"google.golang.org/grpc/peer"
|
"google.golang.org/grpc/peer"
|
||||||
"google.golang.org/grpc/status"
|
"google.golang.org/grpc/status"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
"google.golang.org/grpc/credentials"
|
"google.golang.org/grpc/credentials"
|
||||||
|
@ -48,7 +49,7 @@ func LoadServerTLS(config *util.ViperProxy, component string) (grpc.ServerOption
|
||||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||||
})
|
})
|
||||||
|
|
||||||
permitCommonNames := config.GetStringSlice(component + ".allowed_commonNames")
|
permitCommonNames := strings.Split(config.GetString(component+".allowed_commonNames"), ",")
|
||||||
if len(permitCommonNames) > 0 {
|
if len(permitCommonNames) > 0 {
|
||||||
permitCommonNamesMap := make(map[string]bool)
|
permitCommonNamesMap := make(map[string]bool)
|
||||||
for _, s := range permitCommonNames {
|
for _, s := range permitCommonNames {
|
||||||
|
|
Loading…
Reference in a new issue