Skip to content

Commit

Permalink
Add option to pass in CAcert for verification
Browse files Browse the repository at this point in the history 
Problem:
Running a server with a self signed cert will cause tls errors

Solution:
Add abillity to pass in a cert file to use for tls verification
  • Loading branch information
@dramich @ibuildthecloud
dramich authored and ibuildthecloud committed Jan 31, 2018
1 parent 87d5ab0 commit d2d5892
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions clientbase/common.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ package clientbase

import (
"bytes"
"crypto/tls"
"crypto/x509"
"encoding/base64"
"encoding/json"
"fmt"
Expand Down Expand Up @@ -32,6 +34,7 @@ type ClientOpts struct {
SecretKey string
Timeout time.Duration
HTTPClient *http.Client
CACerts string
}

type APIError struct {
Expand Down Expand Up @@ -147,6 +150,20 @@ func NewAPIClient(opts *ClientOpts) (APIBaseClient, error) {

client.Timeout = opts.Timeout

if opts.CACerts != "" {
roots := x509.NewCertPool()
ok := roots.AppendCertsFromPEM([]byte(opts.CACerts))
if !ok {
return result, err
}
tr := &http.Transport{
TLSClientConfig: &tls.Config{
RootCAs: roots,
},
}
client.Transport = tr
}

req, err := http.NewRequest("GET", opts.URL, nil)
if err != nil {
return result, err
Expand Down

0 comments on commit d2d5892

Please sign in to comment.