diff options
author | Niall Sheridan <nsheridan@gmail.com> | 2019-07-07 21:33:44 +0100 |
---|---|---|
committer | Niall Sheridan <nsheridan@gmail.com> | 2019-07-07 21:33:44 +0100 |
commit | 8c12c6939aab9106db14ec2d11d983bc5b29fb2c (patch) | |
tree | f9dc8a7d167c6355e47a65c52d4eb7b9ea03e6c8 /vendor/github.com/hashicorp/go-rootcerts/README.md | |
parent | 0bd454cc448b812da6c693b451d86ff4cadbb6b2 (diff) |
Switch to modules
Diffstat (limited to 'vendor/github.com/hashicorp/go-rootcerts/README.md')
-rw-r--r-- | vendor/github.com/hashicorp/go-rootcerts/README.md | 43 |
1 files changed, 0 insertions, 43 deletions
diff --git a/vendor/github.com/hashicorp/go-rootcerts/README.md b/vendor/github.com/hashicorp/go-rootcerts/README.md deleted file mode 100644 index f5abffc..0000000 --- a/vendor/github.com/hashicorp/go-rootcerts/README.md +++ /dev/null @@ -1,43 +0,0 @@ -# rootcerts - -Functions for loading root certificates for TLS connections. - ------ - -Go's standard library `crypto/tls` provides a common mechanism for configuring -TLS connections in `tls.Config`. The `RootCAs` field on this struct is a pool -of certificates for the client to use as a trust store when verifying server -certificates. - -This library contains utility functions for loading certificates destined for -that field, as well as one other important thing: - -When the `RootCAs` field is `nil`, the standard library attempts to load the -host's root CA set. This behavior is OS-specific, and the Darwin -implementation contains [a bug that prevents trusted certificates from the -System and Login keychains from being loaded][1]. This library contains -Darwin-specific behavior that works around that bug. - -[1]: https://github.com/golang/go/issues/14514 - -## Example Usage - -Here's a snippet demonstrating how this library is meant to be used: - -```go -func httpClient() (*http.Client, error) - tlsConfig := &tls.Config{} - err := rootcerts.ConfigureTLS(tlsConfig, &rootcerts.Config{ - CAFile: os.Getenv("MYAPP_CAFILE"), - CAPath: os.Getenv("MYAPP_CAPATH"), - }) - if err != nil { - return nil, err - } - c := cleanhttp.DefaultClient() - t := cleanhttp.DefaultTransport() - t.TLSClientConfig = tlsConfig - c.Transport = t - return c, nil -} -``` |