30 lines
699 B
Go
30 lines
699 B
Go
package proxy
|
|
|
|
import (
|
|
"encoding/pem"
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
)
|
|
|
|
func TestIsTrustedBySystem_TrustedViaCertEnv(t *testing.T) {
|
|
ca := newTestCA(t)
|
|
|
|
rootFile := filepath.Join(t.TempDir(), "roots.pem")
|
|
pemBytes := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: ca.cert.Raw})
|
|
if err := os.WriteFile(rootFile, pemBytes, 0o600); err != nil {
|
|
t.Fatalf("WriteFile(root cert) error = %v", err)
|
|
}
|
|
|
|
t.Setenv("SSL_CERT_FILE", rootFile)
|
|
t.Setenv("SSL_CERT_DIR", t.TempDir())
|
|
|
|
trusted, err := ca.IsTrustedBySystem()
|
|
if err != nil {
|
|
t.Fatalf("IsTrustedBySystem() error = %v", err)
|
|
}
|
|
if !trusted {
|
|
t.Fatal("trusted = false, want true when CA is in configured cert file")
|
|
}
|
|
}
|