mirror of
https://github.com/Luzifer/vault-openvpn.git
synced 2024-12-25 14:21:21 +00:00
Add support for self-signed CAs that are in the OS trust store
This commit is contained in:
parent
04807c1e9a
commit
542310fd7a
1 changed files with 12 additions and 3 deletions
15
main.go
15
main.go
|
@ -7,6 +7,7 @@ import (
|
|||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
"text/template"
|
||||
|
@ -14,6 +15,7 @@ import (
|
|||
|
||||
"github.com/Luzifer/go_helpers/str"
|
||||
"github.com/Luzifer/rconfig"
|
||||
"github.com/hashicorp/go-rootcerts"
|
||||
"github.com/hashicorp/vault/api"
|
||||
homedir "github.com/mitchellh/go-homedir"
|
||||
)
|
||||
|
@ -97,10 +99,17 @@ func main() {
|
|||
}
|
||||
|
||||
var err error
|
||||
client, err = api.NewClient(&api.Config{
|
||||
Address: cfg.VaultAddress,
|
||||
})
|
||||
|
||||
clientConfig := api.DefaultConfig()
|
||||
clientConfig.Address = cfg.VaultAddress
|
||||
|
||||
tlsConfig := clientConfig.HttpClient.Transport.(*http.Transport).TLSClientConfig
|
||||
err = rootcerts.ConfigureTLS(tlsConfig, nil)
|
||||
if err != nil {
|
||||
log.Fatalf("Could not configure TLS: %s", err)
|
||||
}
|
||||
|
||||
client, err = api.NewClient(clientConfig)
|
||||
if err != nil {
|
||||
log.Fatalf("Could not create Vault client: %s", err)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue