github.com/loggregator/cli@v6.33.1-0.20180224010324-82334f081791+incompatible/cf/net/ssl.go

github.com/loggregator/cli@v6.33.1-0.20180224010324-82334f081791+incompatible/cf/net/ssl.go (about)

     1  package net
     2  
     3  import (
     4  	"crypto/tls"
     5  	"crypto/x509"
     6  )
     7  
     8  func NewTLSConfig(trustedCerts []tls.Certificate, disableSSL bool) (TLSConfig *tls.Config) {
     9  	TLSConfig = &tls.Config{
    10  		MinVersion: tls.VersionTLS10,
    11  	}
    12  
    13  	if len(trustedCerts) > 0 {
    14  		certPool := x509.NewCertPool()
    15  		for _, tlsCert := range trustedCerts {
    16  			cert, _ := x509.ParseCertificate(tlsCert.Certificate[0])
    17  			certPool.AddCert(cert)
    18  		}
    19  		TLSConfig.RootCAs = certPool
    20  	}
    21  
    22  	TLSConfig.InsecureSkipVerify = disableSSL
    23  
    24  	return
    25  }