package tlsreloader
import (
"crypto/tls"
"sync"
)
// TLSReloader keeps an in-memory TLS certificate that can be swapped for a
// freshly loaded one while the process is running. The certificate is read
// from the PEM files at certPath and keyPath.
//
// The zero value is not useful: cert is nil until it is set, which New does.
type TLSReloader struct {
	// certPath and keyPath locate the certificate and private-key files.
	// In this file they are assigned only in New and read only by Reload.
	certPath, keyPath string

	// mu guards cert. GetCertificate takes the read lock and Reload takes the
	// write lock, so a replacement is never observed half-written.
	mu sync.RWMutex

	// cert is the key pair currently handed out by GetCertificate. Reload
	// replaces the pointer instead of modifying the pointed-to value.
	cert *tls.Certificate
}
// New loads the key pair stored at certPath and keyPath and returns a
// TLSReloader that serves it.
//
// The error from tls.LoadX509KeyPair is returned unchanged, and no
// TLSReloader is returned in that case. Nothing here inspects the
// certificate's validity period or chain, and nothing checks the permissions
// of the key file; callers that need those guarantees must enforce them
// separately.
func New(certPath, keyPath string) (*TLSReloader, error) {
	pair, err := tls.LoadX509KeyPair(certPath, keyPath)
	if err != nil {
		return nil, err
	}

	// Keep the paths so Reload can read the same files again later.
	tr := &TLSReloader{certPath: certPath, keyPath: keyPath}
	tr.cert = &pair
	return tr, nil
}
// GetCertificate returns the certificate currently held by the reloader. Its
// signature matches the GetCertificate hook of tls.Config, so it can be
// installed there to make new handshakes pick up a reloaded certificate.
//
// clientHello is not consulted: every caller gets the same certificate
// regardless of the requested server name. The returned error is always nil.
// The returned pointer is the reloader's own value, not a copy, so callers
// should treat it as read-only.
func (tr *TLSReloader) GetCertificate(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	// Take a snapshot of the pointer under the read lock; Reload swaps the
	// pointer under the write lock.
	tr.mu.RLock()
	current := tr.cert
	tr.mu.RUnlock()

	return current, nil
}
// Reload re-reads the certificate and key from the paths given to New and, if
// they load successfully, makes the new pair the one returned by
// GetCertificate.
//
// If loading fails, the error is returned unchanged and the previously loaded
// certificate stays in place, so a broken or half-written file on disk does
// not remove the certificate being served. Nothing in this type calls Reload
// on its own; the caller decides when to trigger it. The validity period of
// the new certificate is not checked here.
func (tr *TLSReloader) Reload() error {
	// Do the file I/O and parsing before taking the lock so concurrent
	// GetCertificate calls are not blocked while the files are read.
	fresh, err := tls.LoadX509KeyPair(tr.certPath, tr.keyPath)
	if err != nil {
		return err
	}

	tr.mu.Lock()
	defer tr.mu.Unlock()
	// Swap the pointer instead of overwriting the old value, so a pointer
	// already returned by GetCertificate keeps referring to the old pair.
	tr.cert = &fresh
	return nil
}