Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MG-2080 - Add TLS Certs Loading and Certificate Revocation #57

Merged
merged 43 commits into from
Apr 4, 2024
Merged

MG-2080 - Add TLS Certs Loading and Certificate Revocation #57

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
43 commits
Select commit Hold shift + click to select a range
09cfd7a
add tls loading proxy server
arvindh123 Feb 28, 2024
b0936e4
Add TLS, mTLS, OCSP, CRL Certificate verification
arvindh123 Feb 28, 2024
07d18c8
Add TLS, mTLS & OCSP, CRL Certificate verification
arvindh123 Feb 29, 2024
9822be7
Add TLS, mTLS & OCSP, CRL Certificate verification
arvindh123 Mar 6, 2024
9eb6ff1
add tls, mtls with ocsp, crl for mqtt, mqtt websocket & http
arvindh123 Mar 6, 2024
d90128f
Add: TLS, mTLS & OCSP,CRL certificate verification
arvindh123 Mar 7, 2024
e8acdad
add: new line at EOF
arvindh123 Mar 7, 2024
320f0dd
fix cl lint errors
arvindh123 Mar 7, 2024
25b9ba7
add: supporting certificates
arvindh123 Mar 12, 2024
63e8aa6
add file extension to mosquitto server bash script
arvindh123 Mar 12, 2024
a0fb36c
add file extension to mosquitto server bash script
arvindh123 Mar 12, 2024
c7d1db3
move peer certificate verification to new file
arvindh123 Mar 12, 2024
8f4e658
remove secure from TLSConfig Load
arvindh123 Mar 12, 2024
2611254
move ocsp responder to example, and used .env for env var
arvindh123 Mar 13, 2024
c828efb
add docs
arvindh123 Mar 13, 2024
586772a
fix docs
arvindh123 Mar 13, 2024
7e93cb5
fix tls function
arvindh123 Mar 13, 2024
ed6a522
add ci for test
arvindh123 Mar 13, 2024
384638d
add ci for test
arvindh123 Mar 13, 2024
52f5b2c
remove ci for test
arvindh123 Mar 13, 2024
20352e8
add: empty line at EOF
arvindh123 Mar 13, 2024
de6d211
add: empty line at EOF
arvindh123 Mar 13, 2024
a27722f
update ocsp responder support for crl distribution
arvindh123 Mar 19, 2024
e50a698
update tls client verification flow
arvindh123 Mar 19, 2024
6a0b49b
update makefile , rename thing to client, fix errors
arvindh123 Mar 19, 2024
66cf51d
add docs
arvindh123 Mar 19, 2024
ac9e83b
move config security to utils
arvindh123 Mar 25, 2024
34ab3cf
changed approch for mptls config
arvindh123 Mar 25, 2024
5c7acd2
Use TLS config to extract logs
dborovcanin Apr 1, 2024
e675d15
Fix security status logging
dborovcanin Apr 2, 2024
e7613d0
Reorganize code for loading certificates
dborovcanin Apr 2, 2024
d3bd9ad
Remove unused methods
dborovcanin Apr 2, 2024
5629ed1
Refactor TLS layer
dborovcanin Apr 2, 2024
2ac18d8
Update TLS package structure
dborovcanin Apr 3, 2024
9075325
Update .env and README files
dborovcanin Apr 3, 2024
fcd717d
Simplify config logaing
dborovcanin Apr 3, 2024
4a1b7f0
Add comments for exported fields
dborovcanin Apr 3, 2024
7b8e33b
Fix env var names
dborovcanin Apr 3, 2024
bcefabb
Fix linter remarks
dborovcanin Apr 3, 2024
e332110
Address port comment
dborovcanin Apr 3, 2024
b8d1249
Merge pull request #1 from dborovcanin/tls_ocsp
arvindh123 Apr 3, 2024
bbef489
fix documentation
arvindh123 Apr 4, 2024
ea43d4e
modify mosquito server conf
arvindh123 Apr 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 57 additions & 0 deletions .env
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
MPROXY_MQTT_WITHOUT_TLS_ADDRESS=:1884
MPROXY_MQTT_WITHOUT_TLS_TARGET=localhost:1883

MPROXY_MQTT_WITH_TLS_ADDRESS=:8883
MPROXY_MQTT_WITH_TLS_TARGET=localhost:1883
MPROXY_MQTT_WITH_TLS_CERT_FILE=ssl/certs/server.crt
MPROXY_MQTT_WITH_TLS_KEY_FILE=ssl/certs/server.key
MPROXY_MQTT_WITH_TLS_SERVER_CA_FILE=ssl/certs/ca.crt

MPROXY_MQTT_WITH_MTLS_ADDRESS=:8884
MPROXY_MQTT_WITH_MTLS_TARGET=localhost:1883
MPROXY_MQTT_WITH_MTLS_CERT_FILE=ssl/certs/server.crt
MPROXY_MQTT_WITH_MTLS_KEY_FILE=ssl/certs/server.key
MPROXY_MQTT_WITH_MTLS_SERVER_CA_FILE=ssl/certs/ca.crt
MPROXY_MQTT_WITH_MTLS_CLIENT_CA_FILE=ssl/certs/ca.crt
MPROXY_MQTT_WITH_MTLS_CERT_VERIFICATION_METHODS=ocsp
MPROXY_MQTT_WITH_MTLS_OCSP_RESPONDER_URL=http://localhost:8080/ocsp

MPROXY_MQTT_WS_WITHOUT_TLS_ADDRESS=:8083
MPROXY_MQTT_WS_WITHOUT_TLS_TARGET=ws://localhost:8000/

MPROXY_MQTT_WS_WITH_TLS_ADDRESS=:8084
MPROXY_MQTT_WS_WITH_TLS_TARGET=ws://localhost:8000/
MPROXY_MQTT_WS_WITH_TLS_CERT_FILE=ssl/certs/server.crt
MPROXY_MQTT_WS_WITH_TLS_KEY_FILE=ssl/certs/server.key
MPROXY_MQTT_WS_WITH_TLS_SERVER_CA_FILE=ssl/certs/ca.crt

MPROXY_MQTT_WS_WITH_MTLS_ADDRESS=:8085
MPROXY_MQTT_WS_WITH_MTLS_PREFIX_PATH=/mqtt
MPROXY_MQTT_WS_WITH_MTLS_TARGET=ws://localhost:8000/
MPROXY_MQTT_WS_WITH_MTLS_CERT_FILE=ssl/certs/server.crt
MPROXY_MQTT_WS_WITH_MTLS_KEY_FILE=ssl/certs/server.key
MPROXY_MQTT_WS_WITH_MTLS_SERVER_CA_FILE=ssl/certs/ca.crt
MPROXY_MQTT_WS_WITH_MTLS_CLIENT_CA_FILE=ssl/certs/ca.crt
MPROXY_MQTT_WS_WITH_MTLS_CERT_VERIFICATION_METHODS=ocsp
MPROXY_MQTT_WS_WITH_MTLS_OCSP_RESPONDER_URL=http://localhost:8080/ocsp

MPROXY_HTTP_WITHOUT_TLS_ADDRESS=:8086
MPROXY_HTTP_WITHOUT_TLS_PREFIX_PATH=/messages
MPROXY_HTTP_WITHOUT_TLS_TARGET=http://localhost:8888/

MPROXY_HTTP_WITH_TLS_ADDRESS=:8087
MPROXY_HTTP_WITH_TLS_PREFIX_PATH=/messages
MPROXY_HTTP_WITH_TLS_TARGET=http://localhost:8888/
MPROXY_HTTP_WITH_TLS_CERT_FILE=ssl/certs/server.crt
MPROXY_HTTP_WITH_TLS_KEY_FILE=ssl/certs/server.key
MPROXY_HTTP_WITH_TLS_SERVER_CA_FILE=ssl/certs/ca.crt

MPROXY_HTTP_WITH_MTLS_ADDRESS=:8088
MPROXY_HTTP_WITH_MTLS_PREFIX_PATH=/messages
MPROXY_HTTP_WITH_MTLS_TARGET=http://localhost:8888/
MPROXY_HTTP_WITH_MTLS_CERT_FILE=ssl/certs/server.crt
MPROXY_HTTP_WITH_MTLS_KEY_FILE=ssl/certs/server.key
MPROXY_HTTP_WITH_MTLS_SERVER_CA_FILE=ssl/certs/ca.crt
MPROXY_HTTP_WITH_MTLS_CLIENT_CA_FILE=ssl/certs/ca.crt
MPROXY_HTTP_WITH_MTLS_CERT_VERIFICATION_METHODS=ocsp
MPROXY_HTTP_WITH_MTLS_OCSP_RESPONDER_URL=http://localhost:8080/ocsp
1 change: 0 additions & 1 deletion .golangci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ linters-settings:
importas:
no-unaliased: true
no-extra-aliases: false

gocritic:
enabled-checks:
- captLocal
Expand Down
316 changes: 269 additions & 47 deletions README.md
View file
Open in desktop

Large diffs are not rendered by default.

Loading
Loading