extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-03-04 09:51:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
97d498c59c
netbird/relay/tls/client_dev.go

27 lines
630 B
Go
Raw Normal View History

[client,relay] Add QUIC support (#2962)
2025-01-15 16:28:19 +01:00
//go:build devcert
package tls
[client] use embedded root CA if system certpool is empty (#3272) * Implement custom TLS certificate handling with fallback to embedded roots
2025-02-04 16:17:59 +01:00
import (
"crypto/tls"
"crypto/x509"
log "github.com/sirupsen/logrus"
"github.com/netbirdio/netbird/util/embeddedroots"
)
[client,relay] Add QUIC support (#2962)
2025-01-15 16:28:19 +01:00
func ClientQUICTLSConfig() *tls.Config {
[client] use embedded root CA if system certpool is empty (#3272) * Implement custom TLS certificate handling with fallback to embedded roots
2025-02-04 16:17:59 +01:00
certPool, err := x509.SystemCertPool()
if err != nil || certPool == nil {
log.Debugf("System cert pool not available; falling back to embedded cert, error: %v", err)
certPool = embeddedroots.Get()
}
[client,relay] Add QUIC support (#2962)
2025-01-15 16:28:19 +01:00
return &tls.Config{
InsecureSkipVerify: true, // Debug mode allows insecure connections
NextProtos: []string{nbalpn}, // Ensure this matches the server's ALPN
[client] use embedded root CA if system certpool is empty (#3272) * Implement custom TLS certificate handling with fallback to embedded roots
2025-02-04 16:17:59 +01:00
RootCAs: certPool,
[client,relay] Add QUIC support (#2962)
2025-01-15 16:28:19 +01:00
}
}
Reference in New Issue Copy Permalink