
Using SystemCertPool instead of NewCertPool() for intermediate CA
Signed-off-by: Anisha Hirji <ahirji@pivotal.io>
clarafu authored and pivotal-ahirji committed Nov 17, 2016
1 parent 6fb036e commit 5a2cf35
Showing 2 changed files with 6 additions and 2 deletions.
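--- a/rc/target.go
+++ b/rc/target.go
@@ -335,7 +335,10 @@ func loadCACertPool(caCert string) (cert *x509.CertPool, err error) {
 return nil, nil
 }
 
-pool := x509.NewCertPool()
+pool, err := x509.SystemCertPool()
+if err != nil {
+return nil, err
+}
 ok := pool.AppendCertsFromPEM([]byte(caCert))
 if !ok {
 return nil, errors.New("CA Cert not valid")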
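Review bot: Seeding the pool from `x509.SystemCertPool()` changes what a supplied CA cert means. Assuming the pool ends up as the transport's RootCAs, previously only `caCert` was a trust anchor; now every system root is trusted alongside it, so a caller who passed a private CA to restrict trust loses that restriction. If that is intended, state it on the function, e.g. `// loadCACertPool returns the system roots plus caCert; caCert extends the system trust store rather than replacing it.` Separately, on Go releases before 1.18 `SystemCertPool` returns an error on Windows, so the new `return nil, err` makes every custom-CA target fail there; using `pool = x509.NewCertPool()` in that branch would keep the previous behaviour. The function's opening lines and its tail are outside the hunk, so the `nil, nil` early return and the caller's use of the pool were not reviewed.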
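--- a/rc/target_test.go
+++ b/rc/target_test.go
@@ -114,7 +114,8 @@ AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
 base, ok := (*transport).Base.(*http.Transport)
 Expect(ok).To(BeTrue())
 
-expectedCaCertPool := x509.NewCertPool()
+expectedCaCertPool, err := x509.SystemCertPool()
+Expect(err).NotTo(HaveOccurred())
 ok = expectedCaCertPool.AppendCertsFromPEM([]byte(rootCA))
 Expect(ok).To(BeTrue())
 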
