Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Using custom certificates with AppEngine
package main
import (
"crypto/tls"
"crypto/x509"
"io/ioutil"
"net"
"net/http"
"appengine"
"appengine/socket"
)
var tlsConfig *tls.Config
func init() {
var (
certFile = "cert.pem"
keyFile = "key.pem"
caFile = "ca.pem"
)
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
panic(err)
}
ca, err := ioutil.ReadFile(caFile)
if err != nil {
panic(err)
}
cpool := x509.NewCertPool()
if !cpool.AppendCertsFromPEM(ca) {
panic("could not append certs from pem")
}
tlsConfig = &tls.Config{
Certificates: []tls.Certificate{cert},
RootCAs: cpool,
}
}
func client(c appengine.Context) *docker.Client {
client := &http.Client{
Transport: &http.Transport{
TLSClientConfig: tlsConfig,
Dial: func(network, addr string) (net.Conn, error) {
// This works around a bug with socker.Dial in dev env.
// See: https://code.google.com/p/googleappengine/issues/detail?id=11076
if appengine.IsDevAppServer() {
return net.Dial(network, addr)
}
return socket.Dial(c, network, addr)
},
},
}
return client
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.