3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-28 15:38:05 +02:00
Code Issues Projects Releases Packages Wiki Activity

envoyconfig: add virtual host domains for certificates in addition to routes

Browse source
This commit is contained in:
Caleb Doxsey 2022-08-30 11:53:30 -06:00
parent 8713108821
commit bfb218a79a
4 changed files with 69 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

11
pkg/cryptutil/certificates.go
View file

@ -219,6 +219,17 @@ func GenerateSelfSignedCertificate(domain string, configure ...func(*x509.Certif
return &cert, nil
}
// EncodeCertificate encodes a TLS certificate into PEM compatible byte slices.
func EncodeCertificate(cert *tls.Certificate) (pemCertificateBytes, pemKeyBytes []byte) {
publicKeyBytes := cert.Certificate[0]
privateKeyBytes, err := x509.MarshalPKCS8PrivateKey(cert.PrivateKey)
if err != nil {
return
}
return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: publicKeyBytes}),
pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: privateKeyBytes})
}
// ParsePEMCertificate parses a PEM encoded certificate block.
func ParsePEMCertificate(raw []byte) (*x509.Certificate, error) {
data := raw