github.com/artisanhe/tools@v1.0.1-0.20210607022958-19a8fef2eb04/courier/client/insecure_tls_transport.go

github.com/artisanhe/tools@v1.0.1-0.20210607022958-19a8fef2eb04/courier/client/insecure_tls_transport.go (about)

     1  package client
     2  
     3  import (
     4  	"crypto/tls"
     5  	"crypto/x509"
     6  	"net/http"
     7  
     8  	"github.com/artisanhe/tools/courier/transport_http"
     9  )
    10  
    11  func NewInsecureTLSTransport(rootCA []byte) transport_http.TransportWrapper {
    12  	return func(rt http.RoundTripper) http.RoundTripper {
    13  		if httpRt, ok := rt.(*http.Transport); ok {
    14  			if httpRt.TLSClientConfig == nil {
    15  				httpRt.TLSClientConfig = &tls.Config{}
    16  			}
    17  			httpRt.TLSClientConfig.RootCAs = rootCertPool(rootCA)
    18  			return httpRt
    19  		}
    20  		return rt
    21  	}
    22  }
    23  
    24  func rootCertPool(caData []byte) *x509.CertPool {
    25  	if len(caData) == 0 {
    26  		return nil
    27  	}
    28  	certPool := x509.NewCertPool()
    29  	certPool.AppendCertsFromPEM(caData)
    30  	return certPool
    31  }