/tls/ -- add ValidCert, without it being true https is not usable
This commit is contained in:
parent
2748d4c889
commit
ba103f9825
|
@ -75,6 +75,7 @@ type tlsConfigSettings struct {
|
|||
// field ordering is not important -- these are for API and are recalculated on each run
|
||||
type tlsConfigStatus struct {
|
||||
// certificate status
|
||||
ValidCert bool `yaml:"-" json:"valid_cert"`
|
||||
ValidChain bool `yaml:"-" json:"valid_chain"`
|
||||
Subject string `yaml:"-" json:"subject,omitempty"`
|
||||
Issuer string `yaml:"-" json:"issuer,omitempty"`
|
||||
|
|
|
@ -1155,6 +1155,8 @@ func validateCertificates(data tlsConfig) tlsConfig {
|
|||
return data
|
||||
}
|
||||
|
||||
data.ValidCert = true
|
||||
|
||||
// spew.Dump(parsedCerts)
|
||||
|
||||
opts := x509.VerifyOptions{
|
||||
|
@ -1172,9 +1174,6 @@ func validateCertificates(data tlsConfig) tlsConfig {
|
|||
opts.Intermediates = pool
|
||||
}
|
||||
|
||||
// clear out all warnings and statuses
|
||||
data.tlsConfigStatus = tlsConfigStatus{}
|
||||
|
||||
// TODO: save it as a warning rather than error it out -- shouldn't be a big problem
|
||||
mainCert := parsedCerts[0]
|
||||
_, err := mainCert.Verify(opts)
|
||||
|
|
Loading…
Reference in New Issue