[ISSUE-67869312] add TLS support
diff --git a/api/api.go b/api/api.go
index a184f33..10285f2 100644
--- a/api/api.go
+++ b/api/api.go
@@ -31,6 +31,8 @@
 	configExpVarPath        = "api_expvar_path"
 	configReadyPath         = "api_ready"
 	configHealthPath        = "api_health"
+	configTlsKey            = "api_tls_key"
+	configTlsCert           = "api_tls_cert"
 	ConfigDBMaxConns        = "db_config_max_conns"
 	ConfigDBIdleConns       = "db_config_idle_conns"
 	ConfigDBConnsTimeout    = "db_config_conns_timeout_seconds"
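Review bot: The new names `configTlsKey` and `configTlsCert` break Go's initialism convention, which this block already follows in `ConfigDBMaxConns`; prefer `configTLSKey` and `configTLSCert`. The two keys only take effect as a pair, so a comment above them such as `// api_tls_key and api_tls_cert must both be set to enable HTTPS` would document that. The constant block starts and ends outside this hunk.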
@@ -81,7 +83,17 @@
 	if ip != nil {
 		scaffold.SetlocalBindIPAddressV4(ip)
 	}
-	scaffold.SetInsecurePort(port)
+
+	// listen on https
+	if key, cert := config.GetString(configTlsKey), config.GetString(configTlsCert); key != "" && cert != "" {
+		log.Infof("Load TLS key: %v, TLS cert: %v", key, cert)
+		scaffold.SetSecurePort(port)
+		scaffold.SetKeyFile(key)
+		scaffold.SetCertFile(cert)
+	} else { // listen on http
+		scaffold.SetInsecurePort(port)
+	}
+
 	scaffold.CatchSignals()
 
 	// Set an URL that may be used by a load balancer to test if the server is ready to handle requests
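Review bot: When only one of `api_tls_key` / `api_tls_cert` is set, the `else` branch silently falls through to `scaffold.SetInsecurePort(port)`. A typo or a missing value in either setting therefore leaves the API serving plaintext on a port the operator believes is TLS. Add a middle branch, `} else if key != "" || cert != "" {`, that treats the half-configured case as a configuration error and stops startup, or at least logs it prominently, before the plain-HTTP `else`. Logging the chosen mode in the HTTP branch as well would make a downgrade visible in startup logs. The enclosing function starts and ends outside the hunk, so its error-return path is not visible here.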