vitalif
/
etcd
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix(server/tls_info): use all certificates in CA file 

fixes coreos/etcd#553
release-0.4
Michael S. Fischer 2014-02-08 18:27:41 -08:00
parent 137f87c414
commit e1af3dbde6
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
server/tls_info.go
View File

@ -84,19 +84,23 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
// newCertPool creates x509 certPool with provided CA file
func newCertPool(CAFile string) (*x509.CertPool, error) {
certPool := x509.NewCertPool()
pemByte, err := ioutil.ReadFile(CAFile)
if err != nil {
return nil, err
}
block, pemByte := pem.Decode(pemByte)
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, err
for {
var block *pem.Block
block, pemByte = pem.Decode(pemByte)
if block == nil {
return certPool, nil
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, err
}
certPool.AddCert(cert)
}
certPool := x509.NewCertPool()
certPool.AddCert(cert)
return certPool, nil
}