hashicorp / go-plugin

Golang plugin system over RPC.
Mozilla Public License 2.0

Allow bidirectional communication with AutoTLS enabled #179

Closed jakule closed 2 years ago

jakule commented 3 years ago

Currently, enabling AutoTLS when connecting from a plugin back to the host ends with "transport: authentication handshake failed: x509: certificate is valid for localhost, not unused", as described in #109. This PR sets ServerName and RootCAs in tls.Config on the server side with the certificate received from the host. This allows the connection to be established successfully.

Fixes #109

fairclothjm commented 2 years ago

Thanks for the contribution! There was a bit more required to make the mTLS connection. This was fixed in https://github.com/hashicorp/go-plugin/pull/193