1
0
mirror of https://github.com/rancher/norman.git synced 2025-08-31 14:51:57 +00:00

Add option to pass in CAcert for verification

Problem:
Running a server with a self signed cert will cause tls errors

Solution:
Add abillity to pass in a cert file to use for tls verification
This commit is contained in:
Dan Ramich
2018-01-31 12:10:50 -07:00
committed by Darren Shepherd
parent 87d5ab06b9
commit d2d5892f3f

View File

@@ -2,6 +2,8 @@ package clientbase
import (
"bytes"
"crypto/tls"
"crypto/x509"
"encoding/base64"
"encoding/json"
"fmt"
@@ -32,6 +34,7 @@ type ClientOpts struct {
SecretKey string
Timeout time.Duration
HTTPClient *http.Client
CACerts string
}
type APIError struct {
@@ -147,6 +150,20 @@ func NewAPIClient(opts *ClientOpts) (APIBaseClient, error) {
client.Timeout = opts.Timeout
if opts.CACerts != "" {
roots := x509.NewCertPool()
ok := roots.AppendCertsFromPEM([]byte(opts.CACerts))
if !ok {
return result, err
}
tr := &http.Transport{
TLSClientConfig: &tls.Config{
RootCAs: roots,
},
}
client.Transport = tr
}
req, err := http.NewRequest("GET", opts.URL, nil)
if err != nil {
return result, err