Revert change for windows cert pool access in 1.8

The upstream change to allow access to the windows system cert pool was reverted, reverting and updating messaging. Maybe 1.9....golang/go#18609 Signed-off-by: Derek McGowan <[email protected]> (github: dmcgowan)
dmcgowan · Feb 3, 2017 · f652133 · f652133
1 parent c972f11
commit f652133
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 12 deletions.
diff --git a/tlsconfig/certpool_go17.go b/tlsconfig/certpool_go17.go
@@ -1,4 +1,4 @@
-// +build go1.7,!go1.8
+// +build go1.7
 
 package tlsconfig
 

diff --git a/tlsconfig/certpool_go18.go b/tlsconfig/certpool_go18.go
diff --git a/tlsconfig/config.go b/tlsconfig/config.go
@@ -118,7 +118,7 @@ func Server(options Options) (*tls.Config, error) {
 		return nil, fmt.Errorf("Error reading X509 key pair (cert: %q, key: %q): %v. Make sure the key is not encrypted.", options.CertFile, options.KeyFile, err)
 	}
 	tlsConfig.Certificates = []tls.Certificate{tlsCert}
-	if options.ClientAuth >= tls.VerifyClientCertIfGiven {
+	if options.ClientAuth >= tls.VerifyClientCertIfGiven && options.CAFile != "" {
 		CAs, err := certPool(options.CAFile)
 		if err != nil {
 			return nil, err