From e8d44f4a6bd257222c3c0f005fd317d94fff4600 Mon Sep 17 00:00:00 2001 From: Matthias Schneider Date: Thu, 25 Jul 2024 09:20:13 +0200 Subject: [PATCH] #181 support TLS Insecure connection - added flag --tlsinsecure --- cli/util.go | 4 ++++ nats/main.go | 1 + options/options.go | 2 ++ 3 files changed, 7 insertions(+) diff --git a/cli/util.go b/cli/util.go index 9634c4cb..ba1db9ea 100644 --- a/cli/util.go +++ b/cli/util.go @@ -307,6 +307,10 @@ func natsOpts() []nats.Option { connectionName = "NATS CLI Version " + Version } + if opts().TlsInsecure { + copts = append(copts, nats.Secure(&tls.Config{InsecureSkipVerify: true})) + } + return append(copts, []nats.Option{ nats.Name(connectionName), nats.MaxReconnects(-1), diff --git a/nats/main.go b/nats/main.go index f961702f..8378f516 100644 --- a/nats/main.go +++ b/nats/main.go @@ -57,6 +57,7 @@ See 'nats cheat' for a quick cheatsheet of commands` ncli.Flag("tlskey", "TLS private key").Envar("NATS_KEY").PlaceHolder("FILE").ExistingFileVar(&opts.TlsKey) ncli.Flag("tlsca", "TLS certificate authority chain").Envar("NATS_CA").PlaceHolder("FILE").ExistingFileVar(&opts.TlsCA) ncli.Flag("tlsfirst", "Perform TLS handshake before expecting the server greeting").BoolVar(&opts.TlsFirst) + ncli.Flag("tlsinsecure", "Disable TLS Certificate Verification").BoolVar(&opts.TlsInsecure) if runtime.GOOS == "windows" { ncli.Flag("certstore", "Uses a Windows Certificate Store for TLS (user, machine)").PlaceHolder("TYPE").EnumVar(&opts.WinCertStoreType, "user", "windowscurrentuser", "machine", "windowslocalmachine") ncli.Flag("certstore-match", "Which certificate to use in the store").PlaceHolder("QUERY").StringVar(&opts.WinCertStoreMatch) diff --git a/options/options.go b/options/options.go index 867306c6..6a8b1b9d 100644 --- a/options/options.go +++ b/options/options.go 
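Review bot: The new `if opts().TlsInsecure` branch in natsOpts switches off certificate verification silently, so from then on the client accepts any certificate for any host name and whatever credentials the connection carries go to a peer that was never authenticated. I would print a warning each time the branch is taken, for example `fmt.Fprintln(os.Stderr, "WARNING: TLS certificate verification is disabled (--tlsinsecure)")` (assuming `fmt` and `os` are available in this file), and put a comment above it such as `// InsecureSkipVerify turns off chain and host name checks; for test environments only`. The branch also passes `nats.Secure` a brand-new `tls.Config` with no `MinVersion`, and how that combines with the TLS options already collected in `copts` depends on code outside this hunk and on the client library, so it is worth confirming that `--tlskey` and `--tlsca` still take effect when the flag is set. natsOpts starts and ends outside the hunk.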
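Review bot: The help text of the new `tlsinsecure` flag does not say what is given up, and it uses title case where the sibling flags use sentence case. I would write the line as `ncli.Flag("tlsinsecure", "Disable TLS certificate verification (insecure: the server is not authenticated)").BoolVar(&opts.TlsInsecure)`. Leaving out an `Envar` binding, unlike `tlskey` and `tlsca`, looks right, since an environment variable could turn verification off without anything showing on the command line; a comment such as `// no Envar on purpose: verification may only be disabled explicitly per invocation` would keep someone from adding one later. The enclosing function starts and ends outside the hunk.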
@@ -36,6 +36,8 @@ type Options struct {
 TlsKey string
 // TlsCA is the certificate authority to verify the connection with
 TlsCA string
+ // TlsInsecure Disable TLS Certificate Verification
+ TlsInsecure bool
 // Timeout is how long to wait for operations
 Timeout time.Duration
 // ConnectionName is the name to use for the underlying NATS connection
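Review bot: The doc comment on `TlsInsecure` does not follow the `// Name is …` form of the neighbouring fields and does not say what stops being checked when the field is true. Suggested wording: `// TlsInsecure disables verification of the server certificate chain and host name, leaving the connection open to interception`. The Options struct starts and ends outside the hunk.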