pavolloffay · August 13, 2020 14:49
diff --git a/gistfile1.txt b/gistfile1.txt
 package tlscfg

 import (
 	"crypto/tls"
 	"fmt"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/zap"
 	"io/ioutil"
 	"net/http"
 	"testing"
 	"time"
 )

 func TeastSaerver(t *testing.T) {
 	tlsOpts := Options{
 		CertPath: "/tmp/certs/server.crt",
 		KeyPath: "/tmp/certs/server.key",
 		ClientCAPath: "/tmp/certs/ca.crt",
 	}
 	tlsCfg, err := tlsOpts.Config()

 	require.NoError(t, tlsOpts.ReloadCertificates(tlsCfg, zap.NewExample()))

 	require.NoError(t, err)
 	require.NotNil(t, tlsCfg)
 	tlsCfg.ClientAuth = tls.RequireAndVerifyClientCert

 	http.HandleFunc("/", handler)
 	s := &http.Server{
 		Addr: ":8080",
 		TLSConfig: tlsCfg,
 	}
 	if err := s.ListenAndServeTLS("", ""); err != nil {
 		fmt.Println(err.Error())
 	}
 }

 func handler(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintf(w, "Hello")
 }

 func TesatClient(t *testing.T) {
 	opts := Options{
 		CertPath: "/tmp/certs/client.crt",
 		KeyPath: "/tmp/certs/client.key",
 		CAPath: "/tmp/certs/ca.crt",
 		Enabled: true,
 	}
 	tlsCfg, err := opts.Config()
 	require.NoError(t, err)
 	require.NotNil(t, tlsCfg)

 	require.NoError(t, opts.ReloadCertificates(tlsCfg, zap.NewExample()))

 	client := &http.Client{
 		Transport: &http.Transport{
 			TLSClientConfig: tlsCfg,
 		},
 	}

 	for {
 		time.Sleep(time.Second * 3)
 		response, err := client.Get("https://localhost:8080")
 		if err != nil {
 			fmt.Println("got error response")
 			continue
 		}
 		body, err := ioutil.ReadAll(response.Body)
 		require.NoError(t, err)
 		fmt.Println(string(body))
 	}
 }
	package tlscfg

	import (
	"crypto/tls"
	"fmt"
	"github.com/stretchr/testify/require"
	"go.uber.org/zap"
	"io/ioutil"
	"net/http"
	"testing"
	"time"
	)

	func TeastSaerver(t *testing.T) {
	tlsOpts := Options{
	CertPath: "/tmp/certs/server.crt",
	KeyPath: "/tmp/certs/server.key",
	ClientCAPath: "/tmp/certs/ca.crt",
	}
	tlsCfg, err := tlsOpts.Config()

	require.NoError(t, tlsOpts.ReloadCertificates(tlsCfg, zap.NewExample()))

	require.NoError(t, err)
	require.NotNil(t, tlsCfg)
	tlsCfg.ClientAuth = tls.RequireAndVerifyClientCert

	http.HandleFunc("/", handler)
	s := &http.Server{
	Addr: ":8080",
	TLSConfig: tlsCfg,
	}
	if err := s.ListenAndServeTLS("", ""); err != nil {
	fmt.Println(err.Error())
	}
	}

	func handler(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello")
	}

	func TesatClient(t *testing.T) {
	opts := Options{
	CertPath: "/tmp/certs/client.crt",
	KeyPath: "/tmp/certs/client.key",
	CAPath: "/tmp/certs/ca.crt",
	Enabled: true,
	}
	tlsCfg, err := opts.Config()
	require.NoError(t, err)
	require.NotNil(t, tlsCfg)

	require.NoError(t, opts.ReloadCertificates(tlsCfg, zap.NewExample()))

	client := &http.Client{
	Transport: &http.Transport{
	TLSClientConfig: tlsCfg,
	},
	}

	for {
	time.Sleep(time.Second * 3)
	response, err := client.Get("https://localhost:8080")
	if err != nil {
	fmt.Println("got error response")
	continue
	}
	body, err := ioutil.ReadAll(response.Body)
	require.NoError(t, err)
	fmt.Println(string(body))
	}
	}