Skip to content

crypto/x509: allow cert bundle path to be set by environment variable #3905

New issue
New issue
Closed
Closed
crypto/x509: allow cert bundle path to be set by environment variable#3905
Labels
FrozenDueToAge
Milestone
 
Unplanned
@gopherbot

Description

@gopherbot
gopherbot
opened on Aug 4, 2012

by viriketo:

Using go 1.0.2 on linux-x86_64.

It looks like go https works with a hardcoded path to ca-bundle list of accepted
certificates.

I think it would be nice if src/pkg/crypto/x509/root_unix.go could look at some
environment variable for an exclusive ca-cert.

In the GNU/Linux distribution NixOS we have the system ca-cert bundle sitting at a path
different than those hardcoded in root_unix.go, and I can patch go1.0.2 to make it work.
But users may want to have control about the trusted certificates, when they run go
programs.

Activity

robpike

robpike commented on Aug 4, 2012

@robpike
robpike
on Aug 4, 2012
Contributor

Comment 1:

Labels changed: added priority-later, packagechange, removed priority-triage.

Owner changed to @agl.

Status changed to Accepted.

rsc

rsc commented on Nov 27, 2013

@rsc
rsc
on Nov 27, 2013
Contributor

Comment 3:

Labels changed: added go1.3maybe.

rsc

rsc commented on Dec 4, 2013

@rsc
rsc
on Dec 4, 2013
Contributor

Comment 4:

Labels changed: added release-none, removed go1.3maybe.

rsc

rsc commented on Dec 4, 2013

@rsc
rsc
on Dec 4, 2013
Contributor

Comment 5:

Labels changed: added repo-main.

gopherbot

gopherbot commented on Nov 21, 2014

@gopherbot
gopherbot
on Nov 21, 2014
ContributorAuthor

Comment 6 by sokolyuk:

Please add
"/etc/ssl/cacert.pem",                      // OmniOS
into  pkg/crypto/x509/root_unix.go
gopherbot
added
accepted
priority-later
package-change
release-none
repo-main
on Nov 21, 2014
rsc
added this to the Unplanned milestone on Apr 10, 2015
rsc
removed
priority-later
accepted
package-change
release-none
repo-main
on Apr 10, 2015
mwielgoszewski
mentioned this on Feb 26, 2016
odeke-em

odeke-em commented on Oct 10, 2016

@odeke-em
odeke-em
on Oct 10, 2016
Member

Any thoughts on this @agl?

gopherbot

gopherbot commented on Feb 2, 2017

@gopherbot
gopherbot
on Feb 2, 2017
ContributorAuthor

CL https://golang.org/cl/36093 mentions this issue.

gopherbot
closed this as completedin e83bcd9on May 3, 2017
golang
locked and limited conversation to collaborators on May 3, 2018
gopherbot
added
FrozenDueToAge
on May 3, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    FrozenDueToAge

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @rsc@robpike@odeke-em@gopherbot

        Issue actions
          crypto/x509: allow cert bundle path to be set by environment variable · Issue #3905 · golang/go