Accept MacOS SSL error message.

josephburnett · Joseph Burnett · commit 58314be6576b · 2022-09-14T11:21:27.000-07:00
The error messages for invalid certificates is slightly different on Linux and MacOS. We should accept both. Once this issue is fixed: golang/go#52010 we can just compare the error to the canonical UnknownAuthorityError.
diff --git a/helpers/certificate/x509_test.go b/helpers/certificate/x509_test.go
@@ -8,6 +8,7 @@ import (
 	"crypto/x509"
 	"net"
 	"net/http"
+	"regexp"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -61,5 +62,7 @@ func TestCertificate(t *testing.T) {
 
 	_, err = client.Do(req)
 	assert.Error(t, err)
-	assert.Contains(t, err.Error(), "certificate signed by unknown authority")
+	// Error messages provided by Linux and MacOS respectively.
+	const want = "certificate signed by unknown authority|certificate is not trusted"
+	assert.Regexp(t, regexp.MustCompile(want), err.Error())
 }
diff --git a/network/client_test.go b/network/client_test.go
@@ -20,6 +20,7 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
+	"regexp"
 	"strconv"
 	"strings"
 	"testing"
@@ -295,7 +296,9 @@ func TestClientInvalidSSL(t *testing.T) {
 		nil,
 	)
 	assert.Equal(t, -1, statusCode, statusText)
-	assert.Contains(t, statusText, "certificate signed by unknown authority")
+	// Error messages provided by Linux and MacOS respectively.
+	const want = "certificate signed by unknown authority|certificate is not trusted"
+	assert.Regexp(t, regexp.MustCompile(want), statusText)
 }
 
 func TestClientTLSCAFile(t *testing.T) {
