diff --git a/fixtures/https/README.md b/fixtures/https/README.md new file mode 100644 index 0000000..7c04a66 --- /dev/null +++ b/fixtures/https/README.md @@ -0,0 +1,11 @@ +# Commands to generate certificates: + +Commands are based on the following tutorial: https://medium.com/@harsha.senarath/how-to-implement-tls-ft-golang-40b380aae288 + +## Self-Signed CA: + openssl req -new -newkey rsa:2048 -keyout ca.key -x509 -sha256 -days 999999 -out ca.crt +## Server Certificated based on self-Signed CA: + openssl genrsa -out server.key 2048 + openssl req -new -key server.key -out server.csr -config server.cnf + openssl req -noout -text -in server.csr + openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 999999 -sha256 -extfile server.cnf -extensions v3_ext diff --git a/fixtures/https/ca.crt b/fixtures/https/ca.crt new file mode 100644 index 0000000..4386e08 --- /dev/null +++ b/fixtures/https/ca.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDbTCCAlWgAwIBAgIUXbr84IapD9BcjAlk7+uBVNYUzaswDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDEyMjMxODE5MThaGA80NzYy +MTExOTE4MTkxOFowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBANs1MyJYB2duAXKBCHTEBXAbv3ZbbsRW7TZKnvdG +L8NaSqPxbhxkjwI1hBx+eL9N/ExqSlKcWRYNeFZQ+U6VllylOBsS75W86QceENJr +qWhtUmgagwWqvRPifbIV9+oMOl1ybupa2/oMxzi4DUIByuR+F8BIcIGNrj+CYkJo +w2MZXsbGunprJdtaexIbAjiwCQHjIasVuWxs5QSx5VGG0IL3DqcwuoLa5QCrbXV2 +iennB8huBDoI5fgX+9AkRR4U0oH6nRra+2FWUoRFCkjRQpyjhorWnAcIvSBeIDca +T/hKLURj9Zi7l0HG3bk5wwS8GFe6XyzJYUrMfWJNFvwN8DMCAwEAAaNTMFEwHQYD +VR0OBBYEFIu9pE86XVeeerUGAxWIbLgjx+iiMB8GA1UdIwQYMBaAFIu9pE86XVee +erUGAxWIbLgjx+iiMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB +ABA0/74WYakLnzK05EfKExNcvtaOmJZ5UMsqDk1PMmQTktwOUbrIGS9gbPqhtd/8 +DfZvO7TinKbWzSKTCtUQb2koDZebZe1/VC6tetkVz7o/44N2j70z53IFJoaDFoJK +Db3QB/fuEfvRuCtrB7KzvZx4INyIX4/hEo6MQrBQEI4UFGm/g8QvVyFAolswFy+O +0R+mNcXUdf11IAqsqHqcxb0mAFtfYMQZTK9ES3xg882TLKOBUp9ekm3Z6403fWuO +Pa7fv6yJj9A+739dpWVWOt1RXMJ1CG3SADpDh0kZ8abpL4uMGHD9KpJgimgCacEr +TlEoCrm2fGJxt58bJEnFVlY= +-----END CERTIFICATE----- diff --git a/fixtures/https/ca.key b/fixtures/https/ca.key new file mode 100644 index 0000000..3324810 --- /dev/null +++ b/fixtures/https/ca.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQ+1ePek6y4XvHR0q2 +9aShnQICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIi7OsVGP/rEYEggTI +8SzcBZ/JpHdQ8zxk2m9hsD+YIXxHcbaV6Bht0GPPCFaEi0iTO/k/ukeQMCYOBcDQ +B6ggt/q0bErjSKUdNu0v8lePo4HpOPriDnlXiIJhtelQ3OiOHf7uBcWq5sKj2nXb +BOQHazLT6Q0fFlwO1P1TTVNCFJNe/dZbVLJW81zW+yqTJGKOV3hAL4Jg5l0d5W6c +WbfU5YB74ew3Kd3cx8nWEHinZJI1DG3AFL6I1Cl/bX2+UeGA+I1XaK4sfcDiFxsF +1XtduTYz8ZHc/78IVL1oWlEJ/ucGltr/cBEaNLemKhWP4onVj/lNIviAXMqXGN4b +C6ZW7Xpg9AjXeqlJUHHh+oU1AIZuMxk2V4ztxGav7yK3NIOk5JRk8TqAqSuySdtB +lOeh9NUFUMHTY2DKrbbPuP7wYxY3dUKjN1AjeumH7sCQ2mrjpuRhQAxz6BjLGvs/ ++4DbrxPjt5BC2cIMpYk9zZ649ojWUFkXUopESGwtjR1UkiFiK/q3sLLUnjuvcrKk +oXAxsvyZSX7mjs58IH+aa/LwXagoyIrTWUT+xxK21l6PlC+Pk0PXDfK2zGGmSXj+ +tDueElFIRfizQhh4Mw1y0uq3NyiRnX8VroMyCC9A/5y+OcXn+A72VsnkEXRePzO8 +MliKsNoBBFWV3qFXwtCvWkAyn8TKzQ8mivwqICISSKJe+HclNGKGI/CeORWFDAK8 +3Oooe0OuuOOMMVbIDxr4cOMTCnHoAcyPU9FkmIy7/0KcUnplDGWnbUgjHskxD/mp +vRcmP9x7RzSZvQqRH51SBEWdieZT9jJUTe7U4W4/OLIHa8ZKhrqhDcsRfB4M8yEp +tlntEqpKE9ZBYSRTaCuwwA3v+TJ7kTGffB/TjFOy6kR84RIbQGKvWjy7ebjVDlJ2 +nAdNVFqoQiS7sKEYv0KNLUo+k5YoW1FAvSHhRkcspmRzX2GLuff5FeOuL/8N2LYi +fnmqJ2wQt2jW/H8eOBs1M6kz/ZpM5nyGduysfP2jJ7X9/2HLKoJ1DXDFBz3K1xGT +ZtXDKNaZDhe3Gh0njl5BqGACppxjUL3b0XwP3Mvhlaue7o02erIpw0e7SaoTbhzx +s+6m98+vNDaN3YrBTOhV+XFEBUl3twsSAvFPJZW4YRyqfQWBKIAjKQR1h9LZJ+i6 +DNwNpsBbpoPoXUQP6eqUHA7ws/LqqV6WsTyxsJzOyvF8efJAVDHbkkivgEbyXlci +KO4XdAJl+eTUbWmqPRFIy6ZwmL55NLPXoqT4Q06/9XLWrQNzUJxdUoUGYK2qPav7 +idDoxtfwSq6mRfw5zL4jflJg8W/5zfomYe8CMoOxxPj/I2aDauKXJPQuu/pbB/u5 +kyZxBoMA6HnZNDVAmFMqjNd13OQ/sfDIiE8k1Sqw0Y6sMtdqZ9EwFw+boHj+6uPk +hSeCPJNNelZk0JGtQ6PlLwbBA+A/mxrXmrj43cLVvot+vM3xcpX+clhkX3J3VxKj +c9lse3SExf2QQTbGrZZJPuqvZGL36BFSD4t6EaPXM75qRQoyQmwv55mBZ6a6Di9W +3gTxKxTEZz3m8fM8h2O6bGJGA16WHrKG6t4FHOYf70PJBfg9fSbGiF4Cc2TRdPNK +1N4DPw3W2EHs86laJGnU+4GjmeQ6V+Zc +-----END ENCRYPTED PRIVATE KEY----- diff --git a/fixtures/https/ca.srl b/fixtures/https/ca.srl new file mode 100644 index 0000000..f317057 --- /dev/null +++ b/fixtures/https/ca.srl @@ -0,0 +1 @@ +2C273E731551583E584EBBE1169E9AC2D6CC0925 diff --git a/fixtures/https/config.yml b/fixtures/https/config.yml new file mode 100644 index 0000000..7b2b3ad --- /dev/null +++ b/fixtures/https/config.yml @@ -0,0 +1,12 @@ +logstash: + instances: + - url: "http://localhost:9234" + timeout: 3s +server: + host: "127.0.0.1" + port: 9183 + keyFile: "../../fixtures/https/server.key" + certFile: "../../fixtures/https/server.crt" + enableSSL: true +logging: + level: "info" diff --git a/fixtures/https/server.cnf b/fixtures/https/server.cnf new file mode 100644 index 0000000..8c0d787 --- /dev/null +++ b/fixtures/https/server.cnf @@ -0,0 +1,13 @@ +[req] +default_md = sha256 +prompt = no +req_extensions = v3_ext +distinguished_name = req_distinguished_name + +[req_distinguished_name] +CN = localhost + +[v3_ext] +keyUsage = critical,digitalSignature,keyEncipherment +extendedKeyUsage = critical,serverAuth,clientAuth +subjectAltName = DNS:localhost diff --git a/fixtures/https/server.crt b/fixtures/https/server.crt new file mode 100644 index 0000000..e101de8 --- /dev/null +++ b/fixtures/https/server.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgIULCc+cxVRWD5YTrvhFp6awtbMCSUwDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDEyMjMxODE5NDVaGA80NzYy +MTExOTE4MTk0NVowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAtJ7YvkTJZNmqYV085yQLiwuJ7AwrEy0UDI054TDE +FXIixKkcvAyG7utDVfZaH1NgLw2dmpITRtpJg/u7k7uVkcZfMhRWjvnIYatfbmYK +jM+gXyL7QbOzT9AmjFBlHTnDefb+0JorIaVSvx70d/mZHCyU87Mb9+ZnHUSrob8H +pzcUd+8MRieV4itlverQQyZjMjyEcuHZp6J84L+ouIJPQENziCmy8pCwm5KZt5Fp +9JFKSvwB3eb+MOMPzaYv+dtsq4tt/QHFddzPbAk/jFbyrhuREylIxYFGtiZoMH1w +uaFTZdtRCXrNH2YU/jYk8EgIgzF2cMwZljYzEH2GUi5cWQIDAQABo4GLMIGIMA4G +A1UdDwEB/wQEAwIFoDAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +FAYDVR0RBA0wC4IJbG9jYWxob3N0MB0GA1UdDgQWBBR3a77IlMBkppor02nxQtPx +XJav+jAfBgNVHSMEGDAWgBSLvaRPOl1Xnnq1BgMViGy4I8foojANBgkqhkiG9w0B +AQsFAAOCAQEAtkEfRulyg5VLwddTI1anwD2SWkWxK/RLVuZQ90L8XBa2AtZQvm7e +705jCK9q5IjbrNoqdxnRvaxLza8KpCCDB76UtI8TBOTWpRSb6TFdBZ+cvM7F11Nx +Qw0HE68gAu0B8tpkRjSsjbOOHsqKhCdmICHU6W247PlwOBJuL07QoyKLHK5KwF9v +M+WAiXLMcGhJRn+nTLRBeI3oBxo1Ok8EuTTgdNvezLxWevheZ/YKiiIwomrRfS4Y +jmZHfembTJPvGS6sC21FmrpU4r0pNo4nxIC+VpaOrb90wh3YjaXUvINXDOyCcyIg +ENmbyxvW+DhygZ1pvaJk/FIIXNu0h2gRIg== +-----END CERTIFICATE----- diff --git a/fixtures/https/server.csr b/fixtures/https/server.csr new file mode 100644 index 0000000..03d71a6 --- /dev/null +++ b/fixtures/https/server.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICsjCCAZoCAQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAtJ7YvkTJZNmqYV085yQLiwuJ7AwrEy0UDI054TDE +FXIixKkcvAyG7utDVfZaH1NgLw2dmpITRtpJg/u7k7uVkcZfMhRWjvnIYatfbmYK +jM+gXyL7QbOzT9AmjFBlHTnDefb+0JorIaVSvx70d/mZHCyU87Mb9+ZnHUSrob8H +pzcUd+8MRieV4itlverQQyZjMjyEcuHZp6J84L+ouIJPQENziCmy8pCwm5KZt5Fp +9JFKSvwB3eb+MOMPzaYv+dtsq4tt/QHFddzPbAk/jFbyrhuREylIxYFGtiZoMH1w +uaFTZdtRCXrNH2YU/jYk8EgIgzF2cMwZljYzEH2GUi5cWQIDAQABoFkwVwYJKoZI +hvcNAQkOMUowSDAOBgNVHQ8BAf8EBAMCBaAwIAYDVR0lAQH/BBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsF +AAOCAQEAq3kIDFc9G+UVl3vfzaKMn9c95ClSYV9OIcnXoO1Mm/engyOHbgkSUYkI +qS3VDk+DnOtU4c1BxIlcyDTzKnVRnHr/0U7YpHO4OU7VzX3tWqmAn9mseUUoUvXL +94i4Y0JQ4880g39oZwdeQ9mPrLLwrysXHA0qbcVagPAUkRgOVu6dUzccKHPCLVy9 +xivjoccUSJi7fYlmqc/ssEW/HwUl9iGcpG2UnH6YE8W5rZa6VO9NAX7vnZXjef1s +Q+JonAOGDdY/E6v859/GaGbYcPe5McKdZgNeK0zEPxrNNp02yT/6YyNHfSnitNKK +jqttrR+nmgpIBn21SdYai+tR5HDycQ== +-----END CERTIFICATE REQUEST----- diff --git a/fixtures/https/server.key b/fixtures/https/server.key new file mode 100644 index 0000000..2d10e82 --- /dev/null +++ b/fixtures/https/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC0nti+RMlk2aph +XTznJAuLC4nsDCsTLRQMjTnhMMQVciLEqRy8DIbu60NV9lofU2AvDZ2akhNG2kmD ++7uTu5WRxl8yFFaO+chhq19uZgqMz6BfIvtBs7NP0CaMUGUdOcN59v7QmishpVK/ +HvR3+ZkcLJTzsxv35mcdRKuhvwenNxR37wxGJ5XiK2W96tBDJmMyPIRy4dmnonzg +v6i4gk9AQ3OIKbLykLCbkpm3kWn0kUpK/AHd5v4w4w/Npi/522yri239AcV13M9s +CT+MVvKuG5ETKUjFgUa2JmgwfXC5oVNl21EJes0fZhT+NiTwSAiDMXZwzBmWNjMQ +fYZSLlxZAgMBAAECggEADDMm/2oIwt63ZQptzsx22aJSw256edn7ftIKsOjQ88Rg +8BDeo56CfjCGnK+uPGuupVr5dFttwSVFHiyyiarb0kv4edrZEmDxfZRcVqn+iC6N +feOQXkqXn9pWwjc7by8LwqkR4s/o/iWrKkTaXSCvLHGf8Xp9dv/5YscUwzDyoMMI +55KWUhZmjOEKrpy/DV9xsw1xZcfvQKf45QKeU36rkgMehQP0TAlynGn6FcdmiZqR +MxWn8inO9zrJA8rdnnycZ02CcZEmpk2wmAEol3lT4ghRzGHKKQWCYOcFif998kXh +oUhZt6yiuaqDhFPHDRE+G1uiYwu1EzBZkr+w65y3gQKBgQDnEOQPY6duZ+t7wUhX +Loc8VaBKpdjkdvBIowHuHykrWSIT3z1uCMUjhK8SzI2/zi/6lZkFtgsa/ZM7lMlJ +Q3gHujIlXkaEbN71gPF/qQiQXu0AFkYvAOjEtcPNSz2e+XNzxQIsK1irhCTKbEFx +nlMV7M/bxEqpsOP16aPx1tN72QKBgQDIHGspQrhUdF3/XHzm0vfgTMJ8BRkmFPIM +KioOtXvOgsJpcoTkH/oGYqLe/QefTmLxKLvDKmVjx7kKObGkEAHS5o2+nx3JekO9 +YatuoGCwWNeyviYePTkkQQDsVgqUwkdAvX9whlpg6jfGS9FUMD7ccktwv/I1oQL+ +el2UJXAUgQKBgQDAHRoQ9YEq2Xo/nbcgzU2hS2wHRJbtdTpYmjcrnXrkUKp1rUFs +8BvAaTwKvEoKtErN5H2i8vWOzlAQ1Kb6o/7zJcs1qImm5sIFity/kHHPXy1byik2 +QWJG0v1l/e3Q9IQaOC2TPcLub+MK7jEHX2SjMQ6tISoWpj0So9wsYbnaGQKBgFcK +VWo7BSZm/0PFnOZhuUOs36NGLGwuDCJSbLy9H77xjVKEZ106s2v3l1Raxuf6FntC +9nirhjJiexABjE0KUWDEu77AQxqRvckwJHsX8zaBTkEHCFl609H7HEWwHyYZYxi7 +1CTDq6gf+GaeL8zot073v+yo8Nd203CRFQcNSbUBAoGAEgoKlnI+SDDp1mVLQKpM +tHuw5BvbbwwIM+LaE+s+aRlofz9Fsu3vfqh1GAxEMcuY4Rr7eFWj7U92LhGlTlWK +RIGZ/rwhQY8QAiWh8XUeKCYBQi0wi1urCzfvlGv5mSyNU6IaGMj3Hwj9oKP72TN5 +kiu9w25oO8yHrzN4x2afCZE= +-----END PRIVATE KEY----- diff --git a/fixtures/https_config.yml b/fixtures/https_config.yml new file mode 100644 index 0000000..fd3470d --- /dev/null +++ b/fixtures/https_config.yml @@ -0,0 +1,12 @@ +logstash: + instances: + - url: "http://localhost:9234" + timeout: 3s +server: + host: "127.0.0.1" + port: 9183 + keyFile: "./server.key" + certFile: "./server.crt" + enableSSL: true +logging: + level: "info" diff --git a/fixtures/valid_config.yml b/fixtures/valid_config.yml index fecbdf7..1364dd9 100644 --- a/fixtures/valid_config.yml +++ b/fixtures/valid_config.yml @@ -5,6 +5,6 @@ logstash: httpInsecure: true server: host: "127.0.0.1" - port: 9200 + port: 9100 logging: level: "debug" diff --git a/internal/startup_manager/startup_manager.go b/internal/startup_manager/startup_manager.go index 7dcb10c..c5e683b 100644 --- a/internal/startup_manager/startup_manager.go +++ b/internal/startup_manager/startup_manager.go @@ -26,6 +26,7 @@ var ( // AppServer defines the behavior of an application server type AppServer interface { ListenAndServe() error + ListenAndServeTLS(certFile, keyFile string) error Shutdown(ctx context.Context) error } @@ -176,7 +177,13 @@ func (sm *StartupManager) startServer(cfg *config.Config) { go func() { slog.Info("starting server", "host", cfg.Server.Host, "port", cfg.Server.Port) - err := appServer.ListenAndServe() + var err error + if cfg.Server.EnableSSL { + err = appServer.ListenAndServeTLS(cfg.Server.CertFile, cfg.Server.KeyFile) + } else { + err = appServer.ListenAndServe() + } + sm.serverErrorChan <- err }() } diff --git a/internal/startup_manager/startup_manager_test.go b/internal/startup_manager/startup_manager_test.go new file mode 100644 index 0000000..a392d33 --- /dev/null +++ b/internal/startup_manager/startup_manager_test.go @@ -0,0 +1,126 @@ +package startup_manager + +import ( + "context" + "crypto/tls" + "net" + "strconv" + "testing" + "time" + + "os" + "crypto/x509" + + "github.com/kuskoman/logstash-exporter/internal/flags" +) + + +func TestAppServer(t *testing.T) { + t.Parallel() + + ctx := context.Background() + timeout := time.Second + + t.Run("No TLS", func(t *testing.T) { + t.Parallel() + + flagsConfig := &flags.FlagsConfig{ConfigLocation: "../../fixtures/valid_config.yml"} + + sm, err := NewStartupManager(flagsConfig.ConfigLocation, flagsConfig) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + _, err = sm.configManager.LoadAndCompareConfig(ctx) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + cfg := sm.configManager.GetCurrentConfig() + if cfg == nil { + t.Fatal("config is nil") + } + + go func() { + sm.startServer(cfg) + }() + + name := net.JoinHostPort("localhost", strconv.Itoa(cfg.Server.Port)) + errs := make(chan error, 1) + go func() { + conn, err := net.DialTimeout("tcp", name, timeout) + errs <- err + if conn != nil { + defer conn.Close() + } + }() + + err = <-errs + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + err = sm.shutdownServer(ctx) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + }) + + t.Run("TLS", func(t *testing.T) { + t.Parallel() + + flagsConfig := &flags.FlagsConfig{ConfigLocation: "../../fixtures/https/config.yml"} + + sm, err := NewStartupManager(flagsConfig.ConfigLocation, flagsConfig) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + _, err = sm.configManager.LoadAndCompareConfig(ctx) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + cfg := sm.configManager.GetCurrentConfig() + if cfg == nil { + t.Fatal("config is nil") + } + + go func() { + sm.startServer(cfg) + }() + + cert, err := os.ReadFile("../../fixtures/https/ca.crt") + if err != nil { + t.Fatalf("Failed to read certificate file: %v", err) + } + + caCertPool := x509.NewCertPool() + caCertPool.AppendCertsFromPEM(cert) + + tlsConfig := &tls.Config{ + RootCAs: caCertPool, + } + + dialer := net.Dialer{Timeout: timeout} + name := net.JoinHostPort("localhost", strconv.Itoa(cfg.Server.Port)) + + errs := make(chan error, 1) + go func() { + conn, err := tls.DialWithDialer(&dialer, "tcp", name, tlsConfig) + errs <- err + if conn != nil { + defer conn.Close() + } + }() + err = <-errs + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + + err = sm.shutdownServer(ctx) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + }) +} diff --git a/pkg/config/exporter_config.go b/pkg/config/exporter_config.go index 2a7d78e..9d10af3 100644 --- a/pkg/config/exporter_config.go +++ b/pkg/config/exporter_config.go @@ -48,8 +48,11 @@ type ServerConfig struct { // with the default windows firewall configuration. // Alternatively you can change the firewall configuration to allow // connections to the port from all interfaces. - Host string `yaml:"host"` - Port int `yaml:"port"` + Host string `yaml:"host"` + Port int `yaml:"port"` + CertFile string `yaml:"certFile"` + KeyFile string `yaml:"keyFile"` + EnableSSL bool `yaml:"enableSSL"` } // LoggingConfig represents the logging configuration