opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-01 03:11:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(httpsettings): add tls auth option

Browse Source 
- Three text areas where the user can paste
in the CA Cert (optional), Client Cert
and Client Key.

- Tooltips for Auth checkboxes with brief
descriptions of what With Credentials and
With CA Cert are.

- Adds popover for TLS Auth header too.

- Aligns gf-form elements as labels and
checkboxes were not aligned before.

- Makes CA Cert optional as it is only
needed for self-signed certs.
This commit is contained in:
Daniel Lee
2016-11-18 16:53:07 +01:00
parent b6b53c0f4b
commit 0618122bcd
3 changed files with 116 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/api/dataproxy.go
View File

@ -31,18 +31,18 @@ func DataProxyTransport(ds *m.DataSource) (*http.Transport, error) {
TLSHandshakeTimeout: 10 * time.Second,
}
var tlsAuth bool
var err error
var tlsAuth, tlsAuthWithCACert bool
if ds.JsonData != nil {
tlsAuth, err = ds.JsonData.Get("tlsAuth").Bool()
tlsAuth = ds.JsonData.Get("tlsAuth").MustBool(false)
tlsAuthWithCACert = ds.JsonData.Get("tlsAuthWithCACert").MustBool(false)
}
if err == nil && tlsAuth {
if tlsAuth {
transport.TLSClientConfig.InsecureSkipVerify = false
decrypted := ds.SecureJsonData.Decrypt()
if len(decrypted["tlsCACert"]) > 0 {
if tlsAuthWithCACert && len(decrypted["tlsCACert"]) > 0 {
caPool := x509.NewCertPool()
ok := caPool.AppendCertsFromPEM([]byte(decrypted["tlsCACert"]))
if ok {