3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-04 20:03:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

config: disable Strict-Transport-Security when using a self-signed certificate (#3743)

Browse source
This commit is contained in:
Caleb Doxsey 2022-11-10 16:01:06 -07:00 committed by GitHub
parent 01445a8c00
commit 2c9087f5e7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 77 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

10
pkg/cryptutil/tls.go
View file

@ -63,6 +63,16 @@ func GetCertificateForDomain(certificates []tls.Certificate, domain string) (*tl
return GenerateSelfSignedCertificate(domain)
}
// HasCertificateForDomain returns true if a TLS certificate matches the given domain.
func HasCertificateForDomain(certificates []tls.Certificate, domain string) bool {
for i := range certificates {
if matchesDomain(&certificates[i], domain) {
return true
}
}
return false
}
// GetCertificateDomains gets all the certificate's matching domain names.
// Will return an empty slice if certificate is nil, empty, or x509 parsing fails.
func GetCertificateDomains(cert *tls.Certificate) []string {