@@ -83,6 +83,16 @@ struct flb_config_map output_global_properties[] = {
8383 "Accepted values: a positive integer, 'no_limits', 'false', or 'off' to disable retry limits, "
8484 "or 'no_retries' to disable retries entirely."
8585 },
86+ {
87+ FLB_CONFIG_MAP_STR , "tls.windows.certstore_name" , NULL ,
88+ 0 , FLB_FALSE , 0 ,
89+ "Sets the certstore name on an output (Windows)"
90+ },
91+ {
92+ FLB_CONFIG_MAP_STR , "tls.windows.use_enterprise_store" , NULL ,
93+ 0 , FLB_FALSE , 0 ,
94+ "Sets whether using enterprise certstore or not on an output (Windows)"
95+ },
8696
8797 {0 }
8898};
@@ -174,6 +184,11 @@ static void flb_output_free_properties(struct flb_output_instance *ins)
174184 if (ins -> tls_ciphers ) {
175185 flb_sds_destroy (ins -> tls_ciphers );
176186 }
187+ # if defined(FLB_SYSTEM_WINDOWS )
188+ if (ins -> tls_win_certstore_name ) {
189+ flb_sds_destroy (ins -> tls_win_certstore_name );
190+ }
191+ # endif
177192#endif
178193}
179194
@@ -751,6 +766,10 @@ struct flb_output_instance *flb_output_new(struct flb_config *config,
751766 instance -> tls_crt_file = NULL ;
752767 instance -> tls_key_file = NULL ;
753768 instance -> tls_key_passwd = NULL ;
769+ # if defined(FLB_SYSTEM_WINDOWS )
770+ instance -> tls_win_certstore_name = NULL ;
771+ instance -> tls_win_use_enterprise_certstore = FLB_FALSE ;
772+ # endif
754773#endif
755774
756775 if (plugin -> flags & FLB_OUTPUT_NET ) {
@@ -975,6 +994,15 @@ int flb_output_set_property(struct flb_output_instance *ins,
975994 else if (prop_key_check ("tls .ciphers ", k , len ) == 0 ) {
976995 flb_utils_set_plugin_string_property ("tls.ciphers" , & ins -> tls_ciphers , tmp );
977996 }
997+ # if defined(FLB_SYSTEM_WINDOWS )
998+ else if (prop_key_check ("tls.windows.certstore_name" , k , len ) == 0 && tmp ) {
999+ flb_utils_set_plugin_string_property ("tls.windows.certstore_name" , & ins -> tls_win_certstore_name , tmp );
1000+ }
1001+ else if (prop_key_check ("tls.windows.use_enterprise_store" , k , len ) == 0 && tmp ) {
1002+ ins -> tls_win_use_enterprise_certstore = flb_utils_bool (tmp );
1003+ flb_sds_destroy (tmp );
1004+ }
1005+ # endif
9781006#endif
9791007 else if (prop_key_check ("storage.total_limit_size" , k , len ) == 0 && tmp ) {
9801008 if (strcasecmp (tmp , "off" ) == 0 ||
@@ -1359,6 +1387,36 @@ int flb_output_init_all(struct flb_config *config)
13591387 return -1 ;
13601388 }
13611389 }
1390+
1391+ # if defined (FLB_SYSTEM_WINDOWS )
1392+ if (ins -> tls_win_use_enterprise_certstore ) {
1393+ ret = flb_tls_set_use_enterprise_store (ins -> tls , ins -> tls_win_use_enterprise_certstore );
1394+ if (ret == -1 ) {
1395+ flb_error ("[input %s] error set up to use enterprise certstore in TLS context" ,
1396+ ins -> name );
1397+
1398+ return -1 ;
1399+ }
1400+ }
1401+
1402+ if (ins -> tls_win_certstore_name ) {
1403+ ret = flb_tls_set_certstore_name (ins -> tls , ins -> tls_win_certstore_name );
1404+ if (ret == -1 ) {
1405+ flb_error ("[output %s] error specify certstore name in TLS context" ,
1406+ ins -> name );
1407+
1408+ return -1 ;
1409+ }
1410+
1411+ ret = flb_tls_load_system_certificates (ins -> tls );
1412+ if (ret == -1 ) {
1413+ flb_error ("[output %s] error set up to load certstore with a user-defined name in TLS context" ,
1414+ ins -> name );
1415+
1416+ return -1 ;
1417+ }
1418+ }
1419+ # endif
13621420 }
13631421#endif
13641422 /*
0 commit comments