Mirroristas/kaspad
2
0
Fork 0
mirror of https://github.com/kaspanet/kaspad.git synced 2026-03-17 13:54:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use system CAs when Certificates are not specified.

Browse Source 
This commit modifies the TLS setup to only override the RootCAs for the
TLS connection if certificates are specified.  This allows the
Certificates parameter to be ommitted from the connection config to use
the system CAs.
This commit is contained in:
Dave Collins
2014-06-25 21:48:40 -05:00
parent 0ae3676a7d
commit a9e1b8fb84
1 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
infrastructure.go
View File

@@ -966,10 +966,12 @@ func newHTTPClient(config *ConnConfig) (*http.Client, error) {
// Configure TLS if needed.
var tlsConfig *tls.Config
if !config.DisableTLS {
pool := x509.NewCertPool()
pool.AppendCertsFromPEM(config.Certificates)
tlsConfig = &tls.Config{
RootCAs: pool,
if len(config.Certificates) > 0 {
pool := x509.NewCertPool()
pool.AppendCertsFromPEM(config.Certificates)
tlsConfig = &tls.Config{
RootCAs: pool,
}
}
}
@@ -990,12 +992,14 @@ func dial(config *ConnConfig) (*websocket.Conn, error) {
var tlsConfig *tls.Config
var scheme = "ws"
if !config.DisableTLS {
pool := x509.NewCertPool()
pool.AppendCertsFromPEM(config.Certificates)
tlsConfig = &tls.Config{
RootCAs: pool,
MinVersion: tls.VersionTLS12,
}
if len(config.Certificates) > 0 {
pool := x509.NewCertPool()
pool.AppendCertsFromPEM(config.Certificates)
tlsConfig.RootCAs = pool
}
scheme = "wss"
}