https://github.com/twmb/tlscfg

Easy *tls.Config initialization for Go
https://github.com/twmb/tlscfg

Last synced: about 1 year ago
JSON representation

Easy *tls.Config initialization for Go

• Host: GitHub
• URL: https://github.com/twmb/tlscfg
• Owner: twmb
• License: bsd-3-clause
• Created: 2021-08-17T21:30:38.000Z (almost 5 years ago)
• Default Branch: main
• Last Pushed: 2023-01-11T21:21:29.000Z (over 3 years ago)
• Last Synced: 2025-03-28T01:50:41.487Z (about 1 year ago)
• Language: Go
• Size: 22.5 KB
• Stars: 6
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
tlscfg

=====

This repo provides an option-driven Go package that simplifies initializing a

well configured `*tls.Config`.

Initializing a `*tls.Config` is a rote task, and often good, secure defaults

are not so obvious. This package aims to eliminate the chore of initializing a

`*tls.Config` correctly and securely.

New returns a valid config with system certificates and tls v1.2+ ciphers. The

With functions can be used to further add certificates or override settings as

appropriate.

Usage:

```go

cfg, err := tlscfg.New(

        tlscfg.MaybeWithDiskCA( // optional CA

                *flagCA,

                tlscfg.ForClient,

        ),

        tlscfg.WithDiskKeyPair( // required client cert+key pair

                "cert.pem",

                "key.pem",

        ),

)

if err != nil {

        // handle

}

```