support mtls

Conrad Ludgate
2025-07-08 17:06:48 +01:00
parent 2b22e0b069
commit 2c915e2f3d
3 changed files with 33 additions and 1 deletions


@@ -134,6 +134,9 @@ struct ProxyCliArgs {
/// tls-key and tls-cert are for backwards compatibility, we can put all certs in one dir
#[clap(short = 'c', long, alias = "ssl-cert")]
tls_cert: Option<PathBuf>,
/// path to mTLS certs for client postgres connections
#[clap(long)]
mtls_certs: Option<PathBuf>,
/// Allow writing TLS session keys to the given file pointed to by the environment variable `SSLKEYLOGFILE`.
#[clap(long, alias = "allow-ssl-keylogfile")]
allow_tls_keylogfile: bool,
@@ -625,6 +628,7 @@ fn build_config(args: &ProxyCliArgs) -> anyhow::Result<&'static ProxyConfig> {
(Some(key_path), Some(cert_path)) => Some(config::configure_tls(
key_path,
cert_path,
args.mtls_certs.as_deref(),
args.certs_dir.as_deref(),
args.allow_tls_keylogfile,
)?),
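Review bot: `args.mtls_certs` only reaches `config::configure_tls` inside the `(Some(key_path), Some(cert_path))` arm of `build_config`, so a `--mtls-certs` passed without a TLS key and cert appears to be silently ignored, and the proxy would start with no client-certificate verification. The other match arms lie outside this hunk, so this needs confirming there. Failing at startup is safer than dropping a security option: something like `#[clap(long, requires = "tls_cert")]` on the new field, or an explicit `anyhow::bail!` in the fall-through arm when `args.mtls_certs.is_some()`. The doc comment on `mtls_certs` should also say whether the path is a PEM file or a directory, what it is expected to hold (presumably the CA roots trusted for client certificates), and whether setting it makes a client certificate mandatory or optional.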