Open
Description
For some reason, when looking for a CA root store on UNIX we stop at the first good file, still look at directories, and not stop at the first good directory. On most systems the file, if it exists, is a bundling of the roots in the directory, and the directories are for different systems, not for combining.
We should probably make the function exit sooner.
Metadata
Metadata
Assignees
Type
Projects
Milestone
Relationships
Development
No branches or pull requests
Participants
Activity
gopherbot commentedon May 16, 2020
Change https://golang.org/cl/234257 mentions this issue:
crypto/x509: rework how system roots are loaded on unix systemsFiloSottile commentedon Oct 5, 2020
Like #39540, let's give crypto/x509 a rest in Go 1.16.
dmitshur commentedon May 21, 2021
There's only a week until target date for 1.17 beta 1. I'll move this to Backlog since it doesn't seem someone is actively working on getting this in, but please update the issue if needed.