github.com/mook-as/cf-cli@v7.0.0-beta.28.0.20200120190804-b91c115fae48+incompatible/util/tls.go

github.com/mook-as/cf-cli@v7.0.0-beta.28.0.20200120190804-b91c115fae48+incompatible/util/tls.go (about)

     1  package util
     2  
     3  import (
     4  	"crypto/tls"
     5  	"crypto/x509"
     6  )
     7  
     8  func NewTLSConfig(trustedCerts []*x509.Certificate, skipTLSValidation bool) *tls.Config {
     9  	config := &tls.Config{
    10  		MinVersion: tls.VersionTLS10,
    11  		MaxVersion: tls.VersionTLS12,
    12  	}
    13  
    14  	if len(trustedCerts) > 0 {
    15  		certPool := x509.NewCertPool()
    16  		for _, tlsCert := range trustedCerts {
    17  			certPool.AddCert(tlsCert)
    18  		}
    19  		config.RootCAs = certPool
    20  	}
    21  
    22  	config.InsecureSkipVerify = skipTLSValidation
    23  
    24  	return config
    25  }