lib/fluent/plugin/out_http.rb in fluent-plugin-out-http-1.1.7 vs lib/fluent/plugin/out_http.rb in fluent-plugin-out-http-1.2.0

@@ -1,9 +1,10 @@
 require 'net/http'
 require 'uri'
 require 'yajl'
 require 'fluent/plugin/output'
+require 'openssl'
 
 class Fluent::Plugin::HTTPOutput < Fluent::Plugin::Output
   Fluent::Plugin.register_output('http', self)
 
   helpers :compat_parameters, :formatter
@@ -35,10 +36,19 @@
   config_param :raise_on_error, :bool, :default => true
 
   # ca file to use for https request
   config_param :cacert_file, :string, :default => ''
 
+  # specify client sertificate
+  config_param :client_cert_path, :string, :default => ''
+
+  # specify private key path
+  config_param :private_key_path, :string, :default => ''
+
+  # specify private key passphrase
+  config_param :private_key_passphrase, :string, :default => '', :secret => true
+
   # custom headers
   config_param :custom_headers, :hash, :default => nil
 
   # 'none' | 'basic' | 'jwt' | 'bearer'
   config_param :authentication, :enum, list: [:none, :basic, :jwt, :bearer],  :default => :none
@@ -140,9 +150,11 @@
       opts = {
         :use_ssl => uri.scheme == 'https'
       }
       opts[:verify_mode] = @ssl_verify_mode if opts[:use_ssl]
       opts[:ca_file] = File.join(@ca_file) if File.file?(@ca_file)
+      opts[:cert] = OpenSSL::X509::Certificate.new(File.read(@client_cert_path)) if File.file?(@client_cert_path)
+      opts[:key] = OpenSSL::PKey::RSA.new(File.read(@private_key_path), @private_key_passphrase) if File.file?(@private_key_path)
       opts
   end
 
   def proxies
     ENV['HTTPS_PROXY'] || ENV['HTTP_PROXY'] || ENV['http_proxy'] || ENV['https_proxy']