Fix AUTHORITY_VERIFY

This commit is contained in:
Fangliding
2026-06-17 21:53:44 +08:00
parent 1b8d07f1e3
commit 65d50cc638
2 changed files with 6 additions and 0 deletions
+3
View File
@@ -38,6 +38,9 @@ func ParseCertificate(c *cert.Certificate) *Certificate {
func (c *Config) loadSelfCertPool() (*x509.CertPool, error) { func (c *Config) loadSelfCertPool() (*x509.CertPool, error) {
root := x509.NewCertPool() root := x509.NewCertPool()
for _, cert := range c.Certificate { for _, cert := range c.Certificate {
if cert.Usage != Certificate_AUTHORITY_VERIFY {
continue
}
if !root.AppendCertsFromPEM(cert.Certificate) { if !root.AppendCertsFromPEM(cert.Certificate) {
return nil, errors.New("failed to append cert").AtWarning() return nil, errors.New("failed to append cert").AtWarning()
} }
+3
View File
@@ -47,6 +47,9 @@ func (c *Config) getCertPool() (*x509.CertPool, error) {
return nil, errors.New("system root").AtWarning().Base(err) return nil, errors.New("system root").AtWarning().Base(err)
} }
for _, cert := range c.Certificate { for _, cert := range c.Certificate {
if cert.Usage != Certificate_AUTHORITY_VERIFY {
continue
}
if !pool.AppendCertsFromPEM(cert.Certificate) { if !pool.AppendCertsFromPEM(cert.Certificate) {
return nil, errors.New("append cert to root").AtWarning().Base(err) return nil, errors.New("append cert to root").AtWarning().Base(err)
} }