lua-nats icon indicating copy to clipboard operation
lua-nats copied to clipboard

Published 20 hours ago verified publisher icon DawnAngel

Add TLS support

Open rgacogne opened this issue 5 months ago • 0 comments

Hi!

This pull request implements TLS support using the luasec library, as an optional dependency.

I tested against the NATS Docker image by first generating a CA then using it to sign a certificate and a key, and starting the NATS server with:

docker run -v /path/to/server.pem:/tmp/server.cert -v /path/to/server.key:/tmp/server.key -v /path/to/ca.pem:/tmp/ca.pem -p 4223:4222 -ti nats:latest --tlscert /tmp/server.cert --tlskey /tmp/server.key --tlscacert /tmp/ca.pem

then connecting with:

local client = nats.connect({
    host = '127.0.0.1',
    port = 4222,
    tls = true,
    tls_ca_file = '/path/to/ca.pem',
})

The generation setup is basically the one used in https://github.com/PowerDNS/pdns/blob/master/regression-tests.dnsdist/Makefile, if that helps.

Please feel free to ask for any kind of changes, as the existing code is very well-structured and while I tried hard to keep it that way, I'm pretty sure it's not perfect!

It closes https://github.com/DawnAngel/lua-nats/issues/4

Best regards,

Remi Gacogne PowerDNS.com B.V

rgacogne avatar Sep 03 '24 08:09 rgacogne