2 * ============LICENSE_START=======================================================
3 * oom-certservice-k8s-external-provider
4 * ================================================================================
5 * Copyright (C) 2020 Nokia. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package certserviceclient
32 func CreateCertServiceClient(baseUrl string, caName string, keyPemBase64 []byte, certPemBase64 []byte, cacertPemBase64 []byte) (*CertServiceClientImpl, error) {
33 cert, err := tls.X509KeyPair(certPemBase64, keyPemBase64)
38 caCertPool := x509.NewCertPool()
39 ok := caCertPool.AppendCertsFromPEM(cacertPemBase64)
41 return nil, fmt.Errorf("couldn't certs from cacert")
43 httpClient := &http.Client{
44 Transport: &http.Transport{
45 TLSClientConfig: &tls.Config{
47 Certificates: []tls.Certificate{cert},
51 certificationUrl, err := parseUrl(baseUrl, caName)
55 client := CertServiceClientImpl{
56 certificationUrl: certificationUrl.String(),
57 httpClient: httpClient,
63 func parseUrl(baseUrl string, caName string) (*url.URL, error) {
64 parsedUrl, err := url.Parse(baseUrl)
69 return nil, fmt.Errorf("caName cannot be empty")
72 parsedUrl.Path = path.Join(parsedUrl.Path, caName)