Allow multiple certificates in the root pem.

This commit is contained in:
Mariano Cano 2019-02-04 10:29:52 -08:00
parent d394dd233a
commit 4c9dccd3f6

View file

@ -12,7 +12,6 @@ import (
"crypto/x509/pkix" "crypto/x509/pkix"
"encoding/hex" "encoding/hex"
"encoding/json" "encoding/json"
"encoding/pem"
"io" "io"
"io/ioutil" "io/ioutil"
"net" "net"
@ -116,16 +115,10 @@ func getTransportFromFile(filename string) (http.RoundTripper, error) {
if err != nil { if err != nil {
return nil, errors.Wrapf(err, "error reading %s", filename) return nil, errors.Wrapf(err, "error reading %s", filename)
} }
block, _ := pem.Decode(data)
if block == nil {
return nil, errors.Errorf("error decoding %s", filename)
}
root, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, errors.Wrapf(err, "error parsing %s", filename)
}
pool := x509.NewCertPool() pool := x509.NewCertPool()
pool.AddCert(root) if !pool.AppendCertsFromPEM(data) {
return nil, errors.Errorf("error parsing %s: no certificates found", filename)
}
return getDefaultTransport(&tls.Config{ return getDefaultTransport(&tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS12,
PreferServerCipherSuites: true, PreferServerCipherSuites: true,