diff options
author | Derek McGowan <derek@mcgstyle.net> | 2016-10-31 14:52:07 -0700 |
---|---|---|
committer | Derek McGowan <derek@mcgstyle.net> | 2016-10-31 14:52:07 -0700 |
commit | 66a5e34cc4a0bdf654010211baa2070bbe38ba3c (patch) | |
tree | b1d420f7aa6ddcfa7d93a60fe9a814252c88c93a /registry/registry.go | |
parent | fd82240e0a6d83b08a6749f1cf212558deee1acb (diff) | |
download | docker-66a5e34cc4a0bdf654010211baa2070bbe38ba3c.tar.gz |
Use system ca pool from tlsconfig
Remove deprecated config from local pkg/tlsconfig.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Diffstat (limited to 'registry/registry.go')
-rw-r--r-- | registry/registry.go | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/registry/registry.go b/registry/registry.go index a139981b02..17fa97ce3d 100644 --- a/registry/registry.go +++ b/registry/registry.go @@ -3,7 +3,6 @@ package registry import ( "crypto/tls" - "crypto/x509" "errors" "fmt" "io/ioutil" @@ -64,8 +63,11 @@ func ReadCertsDirectory(tlsConfig *tls.Config, directory string) error { for _, f := range fs { if strings.HasSuffix(f.Name(), ".crt") { if tlsConfig.RootCAs == nil { - // TODO(dmcgowan): Copy system pool - tlsConfig.RootCAs = x509.NewCertPool() + systemPool, err := tlsconfig.SystemCertPool() + if err != nil { + return fmt.Errorf("unable to get system cert pool: %v", err) + } + tlsConfig.RootCAs = systemPool } logrus.Debugf("crt: %s", filepath.Join(directory, f.Name())) data, err := ioutil.ReadFile(filepath.Join(directory, f.Name())) |