Use system ca pool from tlsconfig

Remove deprecated config from local pkg/tlsconfig. Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
author: Derek McGowan <derek@mcgstyle.net> 2016-10-31 14:52:07 -0700
committer: Derek McGowan <derek@mcgstyle.net> 2016-10-31 14:52:07 -0700
commit: 66a5e34cc4a0bdf654010211baa2070bbe38ba3c (patch)
tree: b1d420f7aa6ddcfa7d93a60fe9a814252c88c93a /registry/registry.go
parent: fd82240e0a6d83b08a6749f1cf212558deee1acb (diff)
download: docker-66a5e34cc4a0bdf654010211baa2070bbe38ba3c.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/registry/registry.go b/registry/registry.go
index a139981b02..17fa97ce3d 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -3,7 +3,6 @@ package registry
 
 import (
 	"crypto/tls"
-	"crypto/x509"
 	"errors"
 	"fmt"
 	"io/ioutil"
@@ -64,8 +63,11 @@ func ReadCertsDirectory(tlsConfig *tls.Config, directory string) error {
 	for _, f := range fs {
 		if strings.HasSuffix(f.Name(), ".crt") {
 			if tlsConfig.RootCAs == nil {
-				// TODO(dmcgowan): Copy system pool
-				tlsConfig.RootCAs = x509.NewCertPool()
+				systemPool, err := tlsconfig.SystemCertPool()
+				if err != nil {
+					return fmt.Errorf("unable to get system cert pool: %v", err)
+				}
+				tlsConfig.RootCAs = systemPool
 			}
 			logrus.Debugf("crt: %s", filepath.Join(directory, f.Name()))
 			data, err := ioutil.ReadFile(filepath.Join(directory, f.Name()))
author	Derek McGowan <derek@mcgstyle.net>	2016-10-31 14:52:07 -0700
committer	Derek McGowan <derek@mcgstyle.net>	2016-10-31 14:52:07 -0700
commit	66a5e34cc4a0bdf654010211baa2070bbe38ba3c (patch)
tree	b1d420f7aa6ddcfa7d93a60fe9a814252c88c93a /registry/registry.go
parent	fd82240e0a6d83b08a6749f1cf212558deee1acb (diff)
download	docker-66a5e34cc4a0bdf654010211baa2070bbe38ba3c.tar.gz