1
0
Fork 0
mirror of https://github.com/Luzifer/vault-openvpn.git synced 2024-12-25 22:31:20 +00:00

Add support for self-signed CAs that are in the OS trust store

This commit is contained in:
Miguel Eduardo Gil Biraud 2016-08-25 16:38:21 +02:00
parent 04807c1e9a
commit 542310fd7a

15
main.go
View file

@ -7,6 +7,7 @@ import (
"fmt"
"io/ioutil"
"log"
"net/http"
"os"
"strings"
"text/template"
@ -14,6 +15,7 @@ import (
"github.com/Luzifer/go_helpers/str"
"github.com/Luzifer/rconfig"
"github.com/hashicorp/go-rootcerts"
"github.com/hashicorp/vault/api"
homedir "github.com/mitchellh/go-homedir"
)
@ -97,10 +99,17 @@ func main() {
}
var err error
client, err = api.NewClient(&api.Config{
Address: cfg.VaultAddress,
})
clientConfig := api.DefaultConfig()
clientConfig.Address = cfg.VaultAddress
tlsConfig := clientConfig.HttpClient.Transport.(*http.Transport).TLSClientConfig
err = rootcerts.ConfigureTLS(tlsConfig, nil)
if err != nil {
log.Fatalf("Could not configure TLS: %s", err)
}
client, err = api.NewClient(clientConfig)
if err != nil {
log.Fatalf("Could not create Vault client: %s", err)
}