Skip to content

Commit

Permalink
Merge pull request #615 from egodigitus/examples-tls
Browse files Browse the repository at this point in the history
[ADDED] tls in example clients
  • Loading branch information
kozlovic authored May 4, 2021
2 parents 35e9be9 + 7dcfa15 commit 904b259
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 5 deletions.
19 changes: 16 additions & 3 deletions examples/nats-pub/main.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright 2012-2019 The NATS Authors
// Copyright 2012-2020 The NATS Authors
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
Expand Down Expand Up @@ -26,7 +26,7 @@ import (
// nats-pub -s demo.nats.io:4443 <subject> <msg> (TLS version)

func usage() {
log.Printf("Usage: nats-pub [-s server] [-creds file] <subject> <msg>\n")
log.Printf("Usage: nats-pub [-s server] [-creds file] [-tlscert file] [-tlskey file] [-tlscacert file] <subject> <msg>\n")
flag.PrintDefaults()
}

Expand All @@ -38,8 +38,11 @@ func showUsageAndExit(exitcode int) {
func main() {
var urls = flag.String("s", nats.DefaultURL, "The nats server URLs (separated by comma)")
var userCreds = flag.String("creds", "", "User Credentials File")
var showHelp = flag.Bool("h", false, "Show help message")
var tlsClientCert = flag.String("tlscert", "", "TLS client certificate file")
var tlsClientKey = flag.String("tlskey", "", "Private key file for client certificate")
var tlsCACert = flag.String("tlscacert", "", "CA certificate to verify peer against")
var reply = flag.String("reply", "", "Sets a specific reply subject")
var showHelp = flag.Bool("h", false, "Show help message")

log.SetFlags(0)
flag.Usage = usage
Expand All @@ -62,6 +65,16 @@ func main() {
opts = append(opts, nats.UserCredentials(*userCreds))
}

// Use TLS client authentication
if *tlsClientCert != "" && *tlsClientKey != "" {
opts = append(opts, nats.ClientCert(*tlsClientCert, *tlsClientKey))
}

// Use specific CA certificate
if *tlsCACert != "" {
opts = append(opts, nats.RootCAs(*tlsCACert))
}

// Connect to NATS
nc, err := nats.Connect(*urls, opts...)
if err != nil {
Expand Down
17 changes: 15 additions & 2 deletions examples/nats-sub/main.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright 2012-2019 The NATS Authors
// Copyright 2012-2020 The NATS Authors
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
Expand Down Expand Up @@ -28,7 +28,7 @@ import (
// nats-sub -s demo.nats.io:4443 <subject> (TLS version)

func usage() {
log.Printf("Usage: nats-sub [-s server] [-creds file] [-t] <subject>\n")
log.Printf("Usage: nats-sub [-s server] [-creds file] [-tlscert file] [-tlskey file] [-tlscacert file] [-t] <subject>\n")
flag.PrintDefaults()
}

Expand All @@ -44,6 +44,9 @@ func printMsg(m *nats.Msg, i int) {
func main() {
var urls = flag.String("s", nats.DefaultURL, "The nats server URLs (separated by comma)")
var userCreds = flag.String("creds", "", "User Credentials File")
var tlsClientCert = flag.String("tlscert", "", "TLS client certificate file")
var tlsClientKey = flag.String("tlskey", "", "Private key file for client certificate")
var tlsCACert = flag.String("tlscacert", "", "CA certificate to verify peer against")
var showTime = flag.Bool("t", false, "Display timestamps")
var showHelp = flag.Bool("h", false, "Show help message")

Expand All @@ -69,6 +72,16 @@ func main() {
opts = append(opts, nats.UserCredentials(*userCreds))
}

// Use TLS client authentication
if *tlsClientCert != "" && *tlsClientKey != "" {
opts = append(opts, nats.ClientCert(*tlsClientCert, *tlsClientKey))
}

// Use specific CA certificate
if *tlsCACert != "" {
opts = append(opts, nats.RootCAs(*tlsCACert))
}

// Connect to NATS
nc, err := nats.Connect(*urls, opts...)
if err != nil {
Expand Down

0 comments on commit 904b259

Please sign in to comment.