mdeuser commented on a change in pull request #2864: Add the support of
certificate checking for secure mode
URL:
https://github.com/apache/incubator-openwhisk/pull/2864#discussion_r145510637
##########
File path: tools/cli/go-whisk/whisk/client.go
##########
@@ -94,30 +94,22 @@ var DefaultObfuscateArr = []ObfuscateSet{
func NewClient(httpClient *http.Client, config *Config) (*Client, error) {
- // Disable certificate checking in the dev environment if in insecure mode
- if config.Insecure {
- Debug(DbgInfo, "Disabling certificate checking.\n")
- var tlsConfig *tls.Config
- if config.Cert != "" && config.Key != "" {
- if cert, err := tls.LoadX509KeyPair(config.Cert, config.Key); err
== nil {
- tlsConfig = &tls.Config{
- Certificates: []tls.Certificate{cert},
- InsecureSkipVerify: true,
- }
- }
- }else{
- tlsConfig = &tls.Config{
- InsecureSkipVerify: true,
- }
- }
+ if httpClient == nil {
+ httpClient = http.DefaultClient
+ }
- http.DefaultClient.Transport = &http.Transport{
- TLSClientConfig: tlsConfig,
+ tlsConfig := &tls.Config {
+ InsecureSkipVerify: config.Insecure,
+ }
+
+ if config.Cert != "" && config.Key != "" {
+ if cert, err := ReadX509KeyPair(config.Cert, config.Key); err == nil {
Review comment:
should check for `err != nil` case here.. log error, return failure with
message.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
