storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/certs/ca-certs.go (about) 1 /* 2 * MinIO Cloud Storage, (C) 2020 MinIO, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package certs 18 19 import ( 20 "crypto/x509" 21 "io/ioutil" 22 "os" 23 "path" 24 ) 25 26 // GetRootCAs - returns all the root CAs into certPool 27 // at the input certsCADir 28 func GetRootCAs(certsCAsDir string) (*x509.CertPool, error) { 29 rootCAs, _ := loadSystemRoots() 30 if rootCAs == nil { 31 // In some systems system cert pool is not supported 32 // or no certificates are present on the 33 // system - so we create a new cert pool. 34 rootCAs = x509.NewCertPool() 35 } 36 37 fis, err := ioutil.ReadDir(certsCAsDir) 38 if err != nil { 39 if os.IsNotExist(err) || os.IsPermission(err) { 40 // Return success if CA's directory is missing or permission denied. 41 return rootCAs, nil 42 } 43 return rootCAs, err 44 } 45 46 // Load all custom CA files. 47 for _, fi := range fis { 48 caCert, err := ioutil.ReadFile(path.Join(certsCAsDir, fi.Name())) 49 if err == nil { 50 rootCAs.AppendCertsFromPEM(caCert) 51 } 52 // ignore files which are not readable. 53 } 54 55 return rootCAs, nil 56 }