merge system cert pool with own certs (#2226)
This commit is contained in:
parent
e5fe74ce77
commit
025f14f879
|
@ -214,7 +214,13 @@ func (kc *KafkaConfiguration) NewTLSConfig() (*tls.Config, error) {
|
|||
if err != nil {
|
||||
return &tlsConfig, err
|
||||
}
|
||||
caCertPool := x509.NewCertPool()
|
||||
caCertPool, err := x509.SystemCertPool()
|
||||
if err != nil {
|
||||
return &tlsConfig, fmt.Errorf("unable to load system CA certificates: %w", err)
|
||||
}
|
||||
if caCertPool == nil {
|
||||
caCertPool = x509.NewCertPool()
|
||||
}
|
||||
caCertPool.AppendCertsFromPEM(caCert)
|
||||
tlsConfig.RootCAs = caCertPool
|
||||
|
||||
|
|
|
@ -313,7 +313,13 @@ func (s *APIServer) GetTLSConfig() (*tls.Config, error) {
|
|||
if err != nil {
|
||||
return nil, errors.Wrap(err, "Error opening cert file")
|
||||
}
|
||||
caCertPool = x509.NewCertPool()
|
||||
caCertPool, err = x509.SystemCertPool()
|
||||
if err != nil {
|
||||
log.Warnf("Error loading system CA certificates: %s", err)
|
||||
}
|
||||
if caCertPool == nil {
|
||||
caCertPool = x509.NewCertPool()
|
||||
}
|
||||
caCertPool.AppendCertsFromPEM(caCert)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -133,7 +133,13 @@ func (l *LocalApiClientCfg) Load() error {
|
|||
return errors.Wrapf(err, "failed to load cacert")
|
||||
}
|
||||
|
||||
caCertPool := x509.NewCertPool()
|
||||
caCertPool, err := x509.SystemCertPool()
|
||||
if err != nil {
|
||||
log.Warningf("Error loading system CA certificates: %s", err)
|
||||
}
|
||||
if caCertPool == nil {
|
||||
caCertPool = x509.NewCertPool()
|
||||
}
|
||||
caCertPool.AppendCertsFromPEM(caCert)
|
||||
apiclient.CaCertPool = caCertPool
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue