rancher/norman
1
0
Fork 0
mirror of https://github.com/rancher/norman.git synced 2025-09-03 00:06:24 +00:00
Code Issues Releases Wiki Activity

Add option to pass in CAcert for verification

Browse Source 
Problem:
Running a server with a self signed cert will cause tls errors

Solution:
Add abillity to pass in a cert file to use for tls verification
This commit is contained in:
Dan Ramich
2018-01-31 12:10:50 -07:00
committed by Darren Shepherd
parent 87d5ab06b9
commit d2d5892f3f
1 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
clientbase/common.go
View File

@@ -2,6 +2,8 @@ package clientbase
import ( import (
"bytes" "bytes"
"crypto/tls"
"crypto/x509"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"fmt" "fmt"
@@ -32,6 +34,7 @@ type ClientOpts struct {
SecretKey string SecretKey string
Timeout time.Duration Timeout time.Duration
HTTPClient *http.Client HTTPClient *http.Client
CACerts string
} }
type APIError struct { type APIError struct {
@@ -147,6 +150,20 @@ func NewAPIClient(opts *ClientOpts) (APIBaseClient, error) {
client.Timeout = opts.Timeout client.Timeout = opts.Timeout
if opts.CACerts != "" {
roots := x509.NewCertPool()
ok := roots.AppendCertsFromPEM([]byte(opts.CACerts))
if !ok {
return result, err
}
tr := &http.Transport{
TLSClientConfig: &tls.Config{
RootCAs: roots,
},
}
client.Transport = tr
}
req, err := http.NewRequest("GET", opts.URL, nil) req, err := http.NewRequest("GET", opts.URL, nil)
if err != nil { if err != nil {
return result, err return result, err