feat(ssl): supports configuration of keyfile password
This commit is contained in:
JianBo He
tigercl
parent
ca86e795e8
commit
19e8a187e4
|
|
@ -1323,6 +1323,12 @@ listener.ssl.external.handshake_timeout = 15s
|
||||||
## Value: Number
|
## Value: Number
|
||||||
## listener.ssl.external.depth = 10
|
## listener.ssl.external.depth = 10
|
||||||
|
|
||||||
|
## String containing the user's password. Only used if the private keyfile
|
||||||
|
## is password-protected.
|
||||||
|
##
|
||||||
|
## Value: String
|
||||||
|
## listener.ssl.external.key_password = yourpass
|
||||||
|
|
||||||
## Path to the file containing the user's private PEM-encoded key.
|
## Path to the file containing the user's private PEM-encoded key.
|
||||||
##
|
##
|
||||||
## See: http://erlang.org/doc/man/ssl.html
|
## See: http://erlang.org/doc/man/ssl.html
|
||||||
|
|
@ -1788,6 +1794,22 @@ listener.wss.external.certfile = {{ platform_etc_dir }}/certs/cert.pem
|
||||||
## Value: File
|
## Value: File
|
||||||
## listener.wss.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem
|
## listener.wss.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem
|
||||||
|
|
||||||
|
## Maximum number of non-self-issued intermediate certificates that
|
||||||
|
## can follow the peer certificate in a valid certification path.
|
||||||
|
##
|
||||||
|
## See: listener.ssl.external.depth
|
||||||
|
##
|
||||||
|
## Value: Number
|
||||||
|
## listener.wss.external.depth = 10
|
||||||
|
|
||||||
|
## String containing the user's password. Only used if the private keyfile
|
||||||
|
## is password-protected.
|
||||||
|
##
|
||||||
|
## See: listener.ssl.$name.key_password
|
||||||
|
##
|
||||||
|
## Value: String
|
||||||
|
## listener.wss.external.key_password = yourpass
|
||||||
|
|
||||||
## See: listener.ssl.$name.dhfile
|
## See: listener.ssl.$name.dhfile
|
||||||
##
|
##
|
||||||
## Value: File
|
## Value: File
|
||||||
|
|
|
||||||
|
|
@ -1373,6 +1373,10 @@ end}.
|
||||||
{datatype, integer}
|
{datatype, integer}
|
||||||
]}.
|
]}.
|
||||||
|
|
||||||
|
{mapping, "listener.ssl.$name.key_password", "emqx.listeners", [
|
||||||
|
{datatype, string}
|
||||||
|
]}.
|
||||||
|
|
||||||
{mapping, "listener.ssl.$name.dhfile", "emqx.listeners", [
|
{mapping, "listener.ssl.$name.dhfile", "emqx.listeners", [
|
||||||
{datatype, string}
|
{datatype, string}
|
||||||
]}.
|
]}.
|
||||||
|
|
@ -1693,6 +1697,15 @@ end}.
|
||||||
{datatype, string}
|
{datatype, string}
|
||||||
]}.
|
]}.
|
||||||
|
|
||||||
|
{mapping, "listener.wss.$name.depth", "emqx.listeners", [
|
||||||
|
{default, 10},
|
||||||
|
{datatype, integer}
|
||||||
|
]}.
|
||||||
|
|
||||||
|
{mapping, "listener.wss.$name.key_password", "emqx.listeners", [
|
||||||
|
{datatype, string}
|
||||||
|
]}.
|
||||||
|
|
||||||
{mapping, "listener.wss.$name.verify", "emqx.listeners", [
|
{mapping, "listener.wss.$name.verify", "emqx.listeners", [
|
||||||
{datatype, atom}
|
{datatype, atom}
|
||||||
]}.
|
]}.
|
||||||
|
|
@ -1884,6 +1897,7 @@ end}.
|
||||||
{user_lookup_fun, UserLookupFun},
|
{user_lookup_fun, UserLookupFun},
|
||||||
{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf, undefined)},
|
{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf, undefined)},
|
||||||
{depth, cuttlefish:conf_get(Prefix ++ ".depth", Conf, undefined)},
|
{depth, cuttlefish:conf_get(Prefix ++ ".depth", Conf, undefined)},
|
||||||
|
{password, cuttlefish:conf_get(Prefix ++ ".key_password", Conf, undefined)},
|
||||||
{dhfile, cuttlefish:conf_get(Prefix ++ ".dhfile", Conf, undefined)},
|
{dhfile, cuttlefish:conf_get(Prefix ++ ".dhfile", Conf, undefined)},
|
||||||
{keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
|
{keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
|
||||||
{certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
|
{certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue