httpclient: load CA certificates only when required

on Windows x509.SystemCertPool is not implemented and therefore we end
uo with an empty certificate pool if we load the CA certificates
unconditionally
This commit is contained in:
Nicola Murino 2021-03-10 21:45:48 +01:00
parent 591bebef0c
commit 7b0ea8f731
No known key found for this signature in database
GPG key ID: 2F1FB59433D5A8CB

View file

@ -83,6 +83,9 @@ func (c *Config) Initialize(configDir string) error {
// loadCACerts returns system cert pools and try to add the configured // loadCACerts returns system cert pools and try to add the configured
// CA certificates to it // CA certificates to it
func (c *Config) loadCACerts(configDir string) (*x509.CertPool, error) { func (c *Config) loadCACerts(configDir string) (*x509.CertPool, error) {
if len(c.CACertificates) == 0 {
return nil, nil
}
rootCAs, err := x509.SystemCertPool() rootCAs, err := x509.SystemCertPool()
if err != nil { if err != nil {
rootCAs = x509.NewCertPool() rootCAs = x509.NewCertPool()