From c3b2c7d575d56437adb4fec2020d2e32f4defbe5 Mon Sep 17 00:00:00 2001
From: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
Date: Fri, 14 Jul 2017 14:39:39 -0700
Subject: [PATCH] trust: do not call x509.SystemCertPool as nil will use this
 as default

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
---
 src/moby/trust.go | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/src/moby/trust.go b/src/moby/trust.go
index 57ad3331f..a1fa726f2 100644
--- a/src/moby/trust.go
+++ b/src/moby/trust.go
@@ -194,13 +194,7 @@ func httpsTransport(caFile string) (*http.Transport, error) {
 		TLSClientConfig:     tlsConfig,
 	}
 	// Override with the system cert pool if the caFile was empty
-	if caFile == "" {
-		systemCertPool, err := x509.SystemCertPool()
-		if err != nil {
-			return nil, err
-		}
-		transport.TLSClientConfig.RootCAs = systemCertPool
-	} else {
+	if caFile != "" {
 		certPool := x509.NewCertPool()
 		pems, err := ioutil.ReadFile(caFile)
 		if err != nil {