Add skeleton for TlsConfig

config/config.go

@@ -142,7 +142,7 @@ func NewDefaultCGRConfig() (*CGRConfig, error) {
 	cfg.generalCfg = new(GeneralCfg)
 	cfg.dataDbCfg = new(DataDbCfg)
 	cfg.storDbCfg = new(StorDbCfg)
-
+	cfg.tlsCfg = new(TlsCfg)
 	cfg.generalCfg.NodeID = utils.UUIDSha1Prefix()
 
 	cfg.sessionSCfg = new(SessionSCfg)
@@ -261,10 +261,6 @@ type CGRConfig struct {
 	RPCJSONTLSListen         string            // RPC JSON TLS listening address
 	RPCGOBTLSListen          string            // RPC GOB TLS listening address
 	HTTPTLSListen            string            // HTTP TLS listening address
-	TLSServerCerificate      string            // path to server certificate
-	TLSServerKey             string            // path to server key
-	TLSClientCerificate      string            // path to client certificate
-	TLSClientKey             string            // path to client key
 	HTTPJsonRPCURL           string            // JSON RPC relative URL ("" to disable)
 	HTTPFreeswitchCDRsURL    string            // Freeswitch CDRS relative URL ("" to disable)
 	HTTPCDRsURL              string            // CDRS relative URL ("" to disable)
@@ -339,6 +335,7 @@ type CGRConfig struct {
 	generalCfg *GeneralCfg // General config
 	dataDbCfg  *DataDbCfg  // Database config
 	storDbCfg  *StorDbCfg  //StroreDb config
+	tlsCfg     *TlsCfg
 }
 
 func (self *CGRConfig) checkConfigSanity() error {

config/config_defaults.go

@@ -85,10 +85,17 @@ const CGRATES_CFG_JSON = `
 	"rpc_json_tls" : "127.0.0.1:2022",		// RPC JSON TLS listening address
 	"rpc_gob_tls": "127.0.0.1:2023",		// RPC GOB TLS listening address
 	"http_tls": "127.0.0.1:2280",			// HTTP TLS listening address
-	"tls_server_certificate" : "",			// path to server certificate(must conatin server.crt + ca.crt)
-	"tls_server_key":"",					// path to server key
-	"tls_client_certificate" : "",			// path to client certificate(must conatin client.crt + ca.crt)
-	"tls_client_key":"",					// path to client key
+},
+
+
+"tls":{
+	"server_certificate" : "",			// path to server certificate
+	"server_key":"",					// path to server key
+	"client_certificate" : "",			// path to client certificate
+	"client_key":"",					// path to client key
+	"ca_certificate":"",				// path to CA certificate (populate if used self-sign certificate)
+	"server_policy":4					// server_policy determine the TLS Client Authentication (0-NoClientCert, 1-RequestClientCert, 2-RequireAnyClientCert, 3-VerifyClientCertIfGiven, 4-RequireAndVerifyClientCert)
+	"server_name":"",					
 },
 
 

config/tlscfg.go

@@ -0,0 +1,30 @@
+/*
+Real-time Online/Offline Charging System (OCS) for Telecom & ISP environments
+Copyright (C) ITsysCOM GmbH
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>
+*/
+
+package config
+
+// AttributeSCfg is the configuration of attribute service
+type TlsCfg struct {
+	ServerCerificate string
+	ServerKey        string
+	ServerPolicy     int
+	ServerName       string
+	ClientCerificate string
+	ClientKey        string
+	CaCertificate    string
+}