ref: ea487fc43c26579181029ae3b7731f823524370f
parent: f0e9c3dbda90cfdbda3c8a22325849fa72054577
author: Mike <Mike@vals-Mac-mini.hitronhub.home>
date: Thu Dec 5 05:30:09 PST 2019
Add a function for possibly getting our ARN
--- /dev/null
+++ b/router/cert.go
@@ -1,0 +1,36 @@
+package router
+
+import (
+ "crypto/tls"
+ "crypto/x509"
+ "log"
+
+ "github.com/aws/aws-sdk-go/service/acm"
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/session"
+)
+
+func getTlsConfig() *tls.Config {
+ cl := aws.NewConfig().WithRegion("us-east-2")
+ sess := session.Must(session.NewSession(cl))
+ svc := acm.New(sess)
+ arn := "arn:aws:acm:us-east-2:824263434500:certificate/aa0ae6e7-075a-466c-bcb5-8d7874447bcb"
+ ca, err := svc.GetCertificate(&acm.GetCertificateInput{
+ CertificateArn: &arn,
+ })
+ cert, err := tls.LoadX509KeyPair("cert.pem", "key.pem")
+ if err != nil {
+ log.Fatal(err)
+ }
+
+ caCertPool := x509.NewCertPool()
+ caCertPool.AppendCertsFromPEM([]byte(*ca.CertificateChain))
+
+ // Setup HTTPS client
+ tlsConfig := &tls.Config{
+ Certificates: []tls.Certificate{cert},
+ RootCAs: caCertPool,
+ }
+ tlsConfig.BuildNameToCertificate()
+ return tlsConfig
+}
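Review bot: The error returned by `svc.GetCertificate` is never checked, because `cert, err := tls.LoadX509KeyPair(...)` in the next statement reassigns `err`. A failed or denied ACM call therefore goes unnoticed until `*ca.CertificateChain` is dereferenced, which panics if the field is nil. The boolean result of `AppendCertsFromPEM` is also dropped, so a chain that does not parse leaves `RootCAs` as an empty pool and every peer verification fails later with no hint of the cause. Check each step where it happens, as in the snippet below. Separately, the certificate ARN (including the account ID) and the region are hard-coded in the function; taking them from configuration would keep this trust anchor reviewable and changeable per environment.

```go
	// … unchanged: svc.GetCertificate call assigning ca, err …
	if err != nil {
		log.Fatal(err)
	}
	if ca.CertificateChain == nil {
		log.Fatal("acm: certificate has no chain")
	}
	// … unchanged: tls.LoadX509KeyPair and its error check …
	caCertPool := x509.NewCertPool()
	if !caCertPool.AppendCertsFromPEM([]byte(*ca.CertificateChain)) {
		log.Fatal("acm: no CA certificates parsed from chain")
	}
```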