github.com/artisanhe/tools@v1.0.1-0.20210607022958-19a8fef2eb04/courier/client/insecure_tls_transport.go (about) 1 package client 2 3 import ( 4 "crypto/tls" 5 "crypto/x509" 6 "net/http" 7 8 "github.com/artisanhe/tools/courier/transport_http" 9 ) 10 11 func NewInsecureTLSTransport(rootCA []byte) transport_http.TransportWrapper { 12 return func(rt http.RoundTripper) http.RoundTripper { 13 if httpRt, ok := rt.(*http.Transport); ok { 14 if httpRt.TLSClientConfig == nil { 15 httpRt.TLSClientConfig = &tls.Config{} 16 } 17 httpRt.TLSClientConfig.RootCAs = rootCertPool(rootCA) 18 return httpRt 19 } 20 return rt 21 } 22 } 23 24 func rootCertPool(caData []byte) *x509.CertPool { 25 if len(caData) == 0 { 26 return nil 27 } 28 certPool := x509.NewCertPool() 29 certPool.AppendCertsFromPEM(caData) 30 return certPool 31 }