(tlsClientCAFile string, tlsConfig *tls.Config)
| 2030 | } |
| 2031 | |
| 2032 | func configureCAPool(tlsClientCAFile string, tlsConfig *tls.Config) error { |
| 2033 | if tlsClientCAFile != "" { |
| 2034 | caPool := x509.NewCertPool() |
| 2035 | data, err := os.ReadFile(tlsClientCAFile) |
| 2036 | if err != nil { |
| 2037 | return xerrors.Errorf("read %q: %w", tlsClientCAFile, err) |
| 2038 | } |
| 2039 | if !caPool.AppendCertsFromPEM(data) { |
| 2040 | return xerrors.Errorf("failed to parse CA certificate in tls-client-ca-file") |
| 2041 | } |
| 2042 | tlsConfig.ClientCAs = caPool |
| 2043 | } |
| 2044 | return nil |
| 2045 | } |
| 2046 | |
| 2047 | const ( |
| 2048 | // Client ID for https://github.com/apps/coder |
no test coverage detected