Separate TLS config

[nodece]

Motivaction

Currently, we just have one TLS config, which is used for Raft and HTTP/GRPC servers, it is unsafe. When a client uses this TLS config, it can access the Raft and HTTP/GRPC servers, we cannot allow the client to access the Raft server, it is dangerous, so we need to split two TLS configs for HTTP/GPRC servers and Raft servers.

Improvement Way

Support setting the TLS for HTTP/GPRC and Raft servers respectively.

• HTTP/GRPC server TLS config, it is used to client-to-server communication, so like:

  --endpoint-ca-file <path>
  --endpoint-cert-file <path>
  --endpoint-key-file <path>

• Raft server TLS config, it is used to server-to-server communication, so like:

  --peer-ca-file <path>
  --peer-cert-file <path>
  --peer-key-file <path>

[casbin-bot]

@WenyXu @nodece

[AbdelrahmanElawady]

hello I am working on this issue, and looking through the code i think Raft connection is using only the ca file and not using cert file and key file, also for the endpoint only cert and key files are used but ca isn't, so is there a point for adding the unused flags too?