diff options
| author | Felix Bünemann <Felix.Buenemann@gmail.com> | 2019-03-25 23:12:21 +0000 |
|---|---|---|
| committer | Filippo Valsorda <filippo@golang.org> | 2019-03-26 22:10:49 +0000 |
| commit | f2e51f00158c2dcdff37c573c24f798d1e63db31 (patch) | |
| tree | 587cf72226a052edd7b5c173f15600d79a881e8f /src | |
| parent | b5cf035d1ca21ee4bf799c6d97b2759471b76483 (diff) | |
| download | go-f2e51f00158c2dcdff37c573c24f798d1e63db31.tar.xz | |
crypto/x509: look for CAs at /etc/ssl/cert.pem for Alpine Linux
Alpine Linux uses /etc/ssl/cert.pem as default ca-bundle which
is preinstalled since 3.7 and was installed as part of the libressl
package in 3.5 and 3.6.
The path /etc/ssl/certs/ca-certificates.crt is only valid if the full
ca-certificates package is installed by hand, which contains all
single CA certs and uses update-ca-certificates to bundle them.
The priority for /etc/ssl/certs/ca-certificates.crt should be kept
higher than /etc/ssl/cert.pem in case the user installed custom
CA certs.
Change-Id: I1c86a6ad84d8ee1163560655743a5ce9f2408af1
GitHub-Last-Rev: 0ba4d599e412640248d4e688537aaea4c43ecbcc
GitHub-Pull-Request: golang/go#31042
Reviewed-on: https://go-review.googlesource.com/c/go/+/169238
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/crypto/x509/root_linux.go | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/crypto/x509/root_linux.go b/src/crypto/x509/root_linux.go index aa1785e4c6..267775dc5f 100644 --- a/src/crypto/x509/root_linux.go +++ b/src/crypto/x509/root_linux.go @@ -11,4 +11,5 @@ var certFiles = []string{ "/etc/ssl/ca-bundle.pem", // OpenSUSE "/etc/pki/tls/cacert.pem", // OpenELEC "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", // CentOS/RHEL 7 + "/etc/ssl/cert.pem", // Alpine Linux } |