kubernetes-client/csharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use the system certificate store if no certificates are specified. (#1261)

Browse Source 
* Use the system certificate store if no certificates are specified.

* Don't use ServerCertificateCustomValidationCallback when no CA is set
This commit is contained in:
Marcus Bowyer
2023-04-18 16:36:45 -07:00
committed by GitHub
parent 142fd14e25
commit 729b10c731
3 changed files with 45 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/KubernetesClient/Kubernetes.ConfigInit.cs
View File

@@ -72,21 +72,19 @@ namespace k8s
}
else
{
if (CaCerts == null)
if (CaCerts != null)
{
throw new KubeConfigException("A CA must be set when SkipTlsVerify === false");
}
#if NET5_0_OR_GREATER
HttpClientHandler.SslOptions.RemoteCertificateValidationCallback =
HttpClientHandler.SslOptions.RemoteCertificateValidationCallback =
#else
HttpClientHandler.ServerCertificateCustomValidationCallback =
HttpClientHandler.ServerCertificateCustomValidationCallback =
#endif
(sender, certificate, chain, sslPolicyErrors) =>
{
return CertificateValidationCallBack(sender, CaCerts, certificate, chain,
sslPolicyErrors);
};
(sender, certificate, chain, sslPolicyErrors) =>
{
return CertificateValidationCallBack(sender, CaCerts, certificate, chain,
sslPolicyErrors);
};
}
}
}