forked from TrueCloudLab/certificates
Allow multiple certificates in the root pem.
This commit is contained in:
parent
d394dd233a
commit
4c9dccd3f6
1 changed files with 3 additions and 10 deletions
13
ca/client.go
13
ca/client.go
|
@ -12,7 +12,6 @@ import (
|
||||||
"crypto/x509/pkix"
|
"crypto/x509/pkix"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"encoding/pem"
|
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net"
|
"net"
|
||||||
|
@ -116,16 +115,10 @@ func getTransportFromFile(filename string) (http.RoundTripper, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.Wrapf(err, "error reading %s", filename)
|
return nil, errors.Wrapf(err, "error reading %s", filename)
|
||||||
}
|
}
|
||||||
block, _ := pem.Decode(data)
|
|
||||||
if block == nil {
|
|
||||||
return nil, errors.Errorf("error decoding %s", filename)
|
|
||||||
}
|
|
||||||
root, err := x509.ParseCertificate(block.Bytes)
|
|
||||||
if err != nil {
|
|
||||||
return nil, errors.Wrapf(err, "error parsing %s", filename)
|
|
||||||
}
|
|
||||||
pool := x509.NewCertPool()
|
pool := x509.NewCertPool()
|
||||||
pool.AddCert(root)
|
if !pool.AppendCertsFromPEM(data) {
|
||||||
|
return nil, errors.Errorf("error parsing %s: no certificates found", filename)
|
||||||
|
}
|
||||||
return getDefaultTransport(&tls.Config{
|
return getDefaultTransport(&tls.Config{
|
||||||
MinVersion: tls.VersionTLS12,
|
MinVersion: tls.VersionTLS12,
|
||||||
PreferServerCipherSuites: true,
|
PreferServerCipherSuites: true,
|
||||||
|
|
Loading…
Reference in a new issue