From aece63b10e83c682edb2b5e04a25eab07410acf1 Mon Sep 17 00:00:00 2001 From: Gyuho Lee Date: Tue, 20 Mar 2018 15:08:36 -0700 Subject: [PATCH] etcdctl: use "TrustedCAFile" Signed-off-by: Gyuho Lee --- etcdctl/ctlv2/command/util.go | 8 ++++---- etcdctl/ctlv3/command/global.go | 2 +- etcdctl/ctlv3/ctl.go | 3 ++- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/etcdctl/ctlv2/command/util.go b/etcdctl/ctlv2/command/util.go index e4719d77a..7cbc0de2c 100644 --- a/etcdctl/ctlv2/command/util.go +++ b/etcdctl/ctlv2/command/util.go @@ -173,10 +173,10 @@ func getTransport(c *cli.Context) (*http.Transport, error) { discoveryDomain = "" } tls := transport.TLSInfo{ - CAFile: cafile, - CertFile: certfile, - KeyFile: keyfile, - ServerName: discoveryDomain, + CertFile: certfile, + KeyFile: keyfile, + ServerName: discoveryDomain, + TrustedCAFile: cafile, } dialTimeout := defaultDialTimeout diff --git a/etcdctl/ctlv3/command/global.go b/etcdctl/ctlv3/command/global.go index e52442ff8..b9398944e 100644 --- a/etcdctl/ctlv3/command/global.go +++ b/etcdctl/ctlv3/command/global.go @@ -180,7 +180,7 @@ func newClientCfg(endpoints []string, dialTimeout, keepAliveTime, keepAliveTimeo } if scfg.cacert != "" { - tlsinfo.CAFile = scfg.cacert + tlsinfo.TrustedCAFile = scfg.cacert cfgtls = &tlsinfo } diff --git a/etcdctl/ctlv3/ctl.go b/etcdctl/ctlv3/ctl.go index 8692084cf..43bbf7333 100644 --- a/etcdctl/ctlv3/ctl.go +++ b/etcdctl/ctlv3/ctl.go @@ -19,6 +19,7 @@ import ( "time" "github.com/coreos/etcd/etcdctl/ctlv3/command" + "github.com/spf13/cobra" ) @@ -62,7 +63,7 @@ func init() { rootCmd.PersistentFlags().BoolVar(&globalFlags.InsecureSkipVerify, "insecure-skip-tls-verify", false, "skip server certificate verification") rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.CertFile, "cert", "", "identify secure client using this TLS certificate file") rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.KeyFile, "key", "", "identify secure client using this TLS key file") - rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.CAFile, "cacert", "", "verify certificates of TLS-enabled secure servers using this CA bundle") + rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.TrustedCAFile, "cacert", "", "verify certificates of TLS-enabled secure servers using this CA bundle") rootCmd.PersistentFlags().StringVar(&globalFlags.User, "user", "", "username[:password] for authentication (prompt if password is not supplied)") rootCmd.PersistentFlags().StringVarP(&globalFlags.TLS.ServerName, "discovery-srv", "d", "", "domain name to query for SRV records describing cluster endpoints")