chore(gw-exproto): refactor ssl options

apps/emqx_gateway/src/emqx_gateway_http.erl

@@ -294,7 +294,7 @@ with_channel(GwName, ClientId, Fun) ->
 return_http_error(Code, Msg) ->
     {Code, emqx_json:encode(
              #{code => codestr(Code),
-               reason => emqx_gateway_utils:stringfy(Msg)
+               message => emqx_gateway_utils:stringfy(Msg)
               })
     }.
 

apps/emqx_gateway/src/emqx_gateway_schema.erl

@@ -109,25 +109,26 @@ fields(exproto) ->
 
 fields(exproto_grpc_server) ->
     [ {bind, sc(hoconsc:union([ip_port(), integer()]))}
-    , {ssl, sc_meta(ref(simple_ssl_options),
+    , {ssl, sc_meta(ref(ssl_server_opts),
                     #{nullable => {true, recursively}})}
     ];
 
 fields(exproto_grpc_handler) ->
     [ {address, sc(binary())}
-    , {ssl, sc_meta(ref(simple_ssl_options),
+    , {ssl, sc_meta(ref(ssl_client_opts),
                     #{nullable => {true, recursively}})}
     ];
 
-fields(simple_ssl_options) ->
+fields(ssl_server_opts) ->
-    [ {cacertfile, sc_meta(string(), #{nullable => true})}
+    emqx_schema:server_ssl_opts_schema(
-    , {certfile, sc_meta(string(), #{nullable => true})}
+      #{ depth => 10
-    , {keyfile, sc_meta(string(), #{nullable => true})}
+       , reuse_sessions => true
-    , {verify, sc(hoconsc:enum([verify_peer, verify_none]), verify_none)}
+       , versions => tls_all_available
-    , {depth, sc(integer(), 10)}
+       , ciphers => tls_all_available
-    , {password, sc_meta(string(), #{sensitive => true, nullable => true})}
+       }, true);
-    %% XXX: More confs ???
+
-    ];
+fields(ssl_client_opts) ->
+    emqx_schema:client_ssl_opts_schema(#{});
 
 fields(clientinfo_override) ->
     [ {username, sc(binary())}