Neil-Jocelyn Schark
--- a/goKMS/kms/akms/client/client.go → goKMS/kms/akmsInterface/client/client.go

+ 30

− 6
+++ b/goKMS/kms/akms/client/client.go → goKMS/kms/akmsInterface/client/client.go

+ 30

− 6
 @@ -3,20 +3,39 @@ package client
 import (
 	"bytes"
 	"encoding/json"
+	"fmt"
+	"io"
 	"net/http"

+	"code.fbi.h-da.de/danet/quant/goKMS/config"
 	"code.fbi.h-da.de/danet/quant/goKMS/kms/crypto"
+	kmstls "code.fbi.h-da.de/danet/quant/goKMS/kms/tls"
 	"github.com/sirupsen/logrus"
 )

 type CkmsAkmsClient struct {
-	url string
+	url        string
+	httpClient *http.Client
 }

-func NewCkmsAkmsClient(url string) *CkmsAkmsClient {
-	return &CkmsAkmsClient{
-		url: url,
+func NewCkmsAkmsClient(url string, tlsConfig config.TLSConfig) (*CkmsAkmsClient, error) {
+	client := &http.Client{}
+
+	if tlsConfig.Active {
+		tlsConf, err := kmstls.GenerateTLSLibraryConfig(tlsConfig)
+		if err != nil {
+			return nil, fmt.Errorf("unable to generate TLS config: %w", err)
+		}
+
+		client.Transport = &http.Transport{
+			TLSClientConfig: tlsConf,
+		}
 	}
+
+	return &CkmsAkmsClient{
+		url:        url,
+		httpClient: client,
+	}, nil
 }

 type PushKSAKeyRequest struct {
 @@ -38,9 +57,14 @@ func (c *CkmsAkmsClient) SendKSAKeysToRequestingInstances(requestID string, proc
 		return err
 	}

-	resp, err := http.Post(c.url, "application/json", bytes.NewBuffer(jsonData))
+	// TODO: also log the response body if request failed
+	resp, err := c.httpClient.Post(c.url, "application/json", bytes.NewBuffer(jsonData))
 	if err != nil {
-		logrus.Errorf("Error sending POST request: %s", err)
+		body, err2 := io.ReadAll(resp.Body)
+		if err2 != nil {
+			logrus.Errorf("Error reading POST response body: %s", err2)
+		}
+		logrus.Errorf("Error sending POST request: %s, received response body: %s", err, string(body))
 		logrus.Errorf("Tried to send request: %s to url: %s", jsonData, c.url)
 		return err
 	}