opensource/supermq
1
0
Fork 0
mirror of https://github.com/absmach/supermq.git synced 2026-06-23 06:40:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

NOISSUE - Update callouts client tls config (#3068)
Check License Header / check-license (push) Has been cancelled
Details
Continuous Delivery / Build and Push (push) Has been cancelled
Details
Check the consistency of generated files / check-generated-files (push) Has been cancelled
Details
Deploy GitHub Pages / swagger-ui (push) Has been cancelled
Details

Browse Source 
Signed-off-by: Jilks Smith <smithjilks@gmail.com>
This commit is contained in:
Smith Jilks
2025-08-21 17:44:11 +03:00
committed by GitHub
parent c63c936b36
commit 248b708909
1 changed files with 5 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/callout/callout.go
+5 -13
View File
@@ -7,18 +7,16 @@ import (
"bytes"
"context"
"crypto/tls"
"crypto/x509"
"encoding/json"
"fmt"
"io"
"maps"
"net/http"
"net/url"
"os"
"time"
"github.com/absmach/supermq/pkg/errors"
svcerr "github.com/absmach/supermq/pkg/errors/service"
"github.com/absmach/supermq/pkg/server"
)
var errFailedToRead = errors.New("failed to read callout response body")
@@ -82,22 +80,16 @@ func newCalloutClient(ctls bool, certPath, keyPath, caPath string, timeout time.
InsecureSkipVerify: !ctls,
}
if certPath != "" || keyPath != "" {
clientTLSCert, err := tls.LoadX509KeyPair(certPath, keyPath)
clientTLSCert, err := server.LoadX509KeyPair(certPath, keyPath)
if err != nil {
return nil, err
}
certPool, err := x509.SystemCertPool()
caCert, err := server.LoadRootCACerts(caPath)
if err != nil {
return nil, err
}
caCert, err := os.ReadFile(caPath)
if err != nil {
return nil, err
}
if !certPool.AppendCertsFromPEM(caCert) {
return nil, errors.Wrap(errors.New("failed to append CA certificate"), svcerr.ErrCreateEntity)
}
tlsConfig.RootCAs = certPool
tlsConfig.RootCAs = caCert
tlsConfig.Certificates = []tls.Certificate{clientTLSCert}
}