habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

root: redis, make sure tlscacert isn't an empty string (#12407)

Browse Source 
* root: redis, make sure tlscacert isn't an empty string

* make TLSCaCert a string instead of pointer

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Andrea Scarpino
2025-01-13 19:14:26 +00:00
committed by GitHub
parent 0befc26507
commit 94eff50306
2 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/outpost/proxyv2/application/session.go
View File

@ -45,15 +45,15 @@ func (a *Application) getStore(p api.ProxyOutpostConfig, externalHost *url.URL)
break
}
ca := config.Get().Redis.TLSCaCert
if ca != nil {
if ca != "" {
// Get the SystemCertPool, continue with an empty pool on error
rootCAs, _ := x509.SystemCertPool()
if rootCAs == nil {
rootCAs = x509.NewCertPool()
}
certs, err := os.ReadFile(*ca)
certs, err := os.ReadFile(ca)
if err != nil {
a.log.WithError(err).Fatalf("Failed to append %s to RootCAs", *ca)
a.log.WithError(err).Fatalf("Failed to append %s to RootCAs", ca)
}
// Append our cert to the system pool
if ok := rootCAs.AppendCertsFromPEM(certs); !ok {