Don't append CA if url is behind public CA

2025-09-18 16:12:35 +00:00 · 2021-05-03 17:51:44 -07:00
parent 86ca5628f7
commit 30042ac3a0
1 changed files with 6 additions and 4 deletions
--- a/pkg/aggregation/server.go
+++ b/pkg/aggregation/server.go
@@ -26,10 +26,12 @@ func ListenAndServe(ctx context.Context, url string, caCert []byte, token string
 			InsecureSkipVerify: true,
 		}
 	} else if len(caCert) > 0 {
-		pool := x509.NewCertPool()
-		pool.AppendCertsFromPEM(caCert)
-		dialer.TLSClientConfig = &tls.Config{
-			RootCAs: pool,
+		if _, err := http.Get(url); err != nil {
+			pool := x509.NewCertPool()
+			pool.AppendCertsFromPEM(caCert)
+			dialer.TLSClientConfig = &tls.Config{
+				RootCAs: pool,
+			}
 		}
 	}