-
Notifications
You must be signed in to change notification settings - Fork 91
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Refresh TLS Client Certs on interval
Currently, GRPC does not use `GetClientCertificate` and instead relies on the GRPC `advancedtls` package. [context](grpc/grpc-go#5791 (comment)). This PR updates `base_client_factory.go` to use this API such that certificate reloads work for GRPC clients. This flow is implemented by converting a tls.Config struct intended for a client into a series of grpc DialOptions which configure GRPC with the same TLS options. Critically, this converts a `GetClientCertificate` callback into a `GetIdentityCertificatesForClient` callback which GRPC will call as-needed. Fixes #162.
- Loading branch information
1 parent
31e7018
commit d07a29c
Showing
5 changed files
with
51 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters