mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
Add support of TLS session tickets with KES server (#14577)
Reduce overhead for communication between MinIO server and KES server.
This commit is contained in:
parent
61eb9d4e29
commit
b20ecc7b54
@ -27,6 +27,10 @@ import (
|
||||
"github.com/minio/kes"
|
||||
)
|
||||
|
||||
const (
|
||||
tlsClientSessionCacheSize = 100
|
||||
)
|
||||
|
||||
// Config contains various KMS-related configuration
|
||||
// parameters - like KMS endpoints or authentication
|
||||
// credentials.
|
||||
@ -59,9 +63,10 @@ func NewWithConfig(config Config) (KMS, error) {
|
||||
copy(endpoints, config.Endpoints)
|
||||
|
||||
client := kes.NewClientWithConfig("", &tls.Config{
|
||||
MinVersion: tls.VersionTLS12,
|
||||
Certificates: []tls.Certificate{config.Certificate},
|
||||
RootCAs: config.RootCAs,
|
||||
MinVersion: tls.VersionTLS12,
|
||||
Certificates: []tls.Certificate{config.Certificate},
|
||||
RootCAs: config.RootCAs,
|
||||
ClientSessionCache: tls.NewLRUClientSessionCache(tlsClientSessionCacheSize),
|
||||
})
|
||||
client.Endpoints = endpoints
|
||||
return &kesClient{
|
||||
|
Loading…
Reference in New Issue
Block a user