mirror of
https://github.com/rancher/norman.git
synced 2025-08-31 14:51:57 +00:00
Add option to pass in CAcert for verification
Problem: Running a server with a self signed cert will cause tls errors Solution: Add abillity to pass in a cert file to use for tls verification
This commit is contained in:
committed by
Darren Shepherd
parent
87d5ab06b9
commit
d2d5892f3f
@@ -2,6 +2,8 @@ package clientbase
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
@@ -32,6 +34,7 @@ type ClientOpts struct {
|
||||
SecretKey string
|
||||
Timeout time.Duration
|
||||
HTTPClient *http.Client
|
||||
CACerts string
|
||||
}
|
||||
|
||||
type APIError struct {
|
||||
@@ -147,6 +150,20 @@ func NewAPIClient(opts *ClientOpts) (APIBaseClient, error) {
|
||||
|
||||
client.Timeout = opts.Timeout
|
||||
|
||||
if opts.CACerts != "" {
|
||||
roots := x509.NewCertPool()
|
||||
ok := roots.AppendCertsFromPEM([]byte(opts.CACerts))
|
||||
if !ok {
|
||||
return result, err
|
||||
}
|
||||
tr := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
RootCAs: roots,
|
||||
},
|
||||
}
|
||||
client.Transport = tr
|
||||
}
|
||||
|
||||
req, err := http.NewRequest("GET", opts.URL, nil)
|
||||
if err != nil {
|
||||
return result, err
|
||||
|
Reference in New Issue
Block a user