github/ssl_exporter
1
0
Fork 0
mirror of https://github.com/ribbybibby/ssl_exporter.git synced 2026-02-14 17:49:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove the relationship between client authentication and the alternative ca cert bundle.

Browse Source 
Client authentication isn't the only situation where you might want to override the system ca bundle with an alternative.
This commit is contained in:
Rob Best
2019-03-11 17:53:21 +00:00
parent 645d7a6e42
commit 7e59584659
1 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
ssl_exporter.go
View File

@@ -262,14 +262,7 @@ func main() {
kingpin.HelpFlag.Short('h')
kingpin.Parse()
if *clientAuth {
cert, err := tls.LoadX509KeyPair(*certFile, *keyFile)
if err != nil {
log.Fatalln(err)
}
certificates = append(certificates, cert)
if *caFile != "" {
caCert, err := ioutil.ReadFile(*caFile)
if err != nil {
log.Fatalln(err)
@@ -279,6 +272,14 @@ func main() {
rootCAs.AppendCertsFromPEM(caCert)
}
if *clientAuth {
cert, err := tls.LoadX509KeyPair(*certFile, *keyFile)
if err != nil {
log.Fatalln(err)
}
certificates = append(certificates, cert)
}
tlsConfig = &tls.Config{
InsecureSkipVerify: *insecure,
Certificates: certificates,