Example #1
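// isServerTrusted reports whether a TLS handshake with server succeeds when the
// peer certificate is verified against the pool returned by
// cf.GetCertsFromLocalStore.
//
// server is the "host:port" address handed to tls.Dial.
//
// Results:
//   - (true, nil): the handshake, including certificate verification, succeeded.
//   - (false, nil): verification failed because the certificate is signed by an
//     authority that is not in the pool (x509.UnknownAuthorityError).
//   - (false, err): anything else, i.e. the store could not be loaded, the
//     connection failed, or verification failed for a different reason. Those
//     errors are deliberately not turned into "untrusted, no error", so the
//     caller cannot mistake them for an unknown-CA condition.
func isServerTrusted(server string) (bool, error) {
	roots, err := cf.GetCertsFromLocalStore()
	if err != nil {
		return false, err
	}

	// Certificate verification stays enabled; only the trust anchors are
	// replaced with the local store.
	// NOTE(review): if GetCertsFromLocalStore can return a nil pool, crypto/tls
	// falls back to the host's root CA set, so confirm that is intended.
	// NOTE(review): tls.Dial has no deadline here, so an unresponsive endpoint
	// blocks until the OS connect timeout; tls.DialWithDialer with a net.Dialer
	// timeout would bound it.
	config := tls.Config{RootCAs: roots, InsecureSkipVerify: false}
	conn, err := tls.Dial("tcp", server, &config)
	if err == nil {
		// Only the handshake result matters; the connection is not used.
		_ = conn.Close()
		return true, nil
	}

	// Newer Go releases wrap verification failures (for example in
	// *tls.CertificateVerificationError), so a type switch on the outermost
	// error misses the unknown-authority case. Walk the Unwrap chain instead;
	// this is what errors.As does, written out so the block needs no new import.
	for cause := err; cause != nil; {
		if _, unknownCA := cause.(x509.UnknownAuthorityError); unknownCA {
			return false, nil
		}
		wrapper, ok := cause.(interface{ Unwrap() error })
		if !ok {
			break
		}
		cause = wrapper.Unwrap()
	}

	return false, err
}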
Example #2
// NewClient builds a Photon Controller API client for the endpoint stored in
// config.CloudTarget, authenticating with config.Token.
//
// It returns an error when no target is configured, or when the target is an
// https URL with certificate checking enabled and the local certificate store
// cannot be loaded.
func NewClient(config *cf.Configuration) (*photon.Client, error) {
	if config.CloudTarget == "" {
		return nil, errors.New("Specify a Photon Controller endpoint by running 'target set' command")
	}

	// The access token is attached whatever the target scheme turns out to be.
	// NOTE(review): for a non-https target nothing here prevents the token from
	// being handed to a client that talks plaintext. Confirm callers only store
	// https targets.
	tokenOpts := &photon.TokenOptions{AccessToken: config.Token}
	options := &photon.ClientOptions{
		IgnoreCertificate: config.IgnoreCertificate,
		TokenOptions:      tokenOpts,
	}

	// Root CAs from the local store are installed only for an https target
	// whose certificate check has not been switched off by the configuration.
	// A target that fails to parse is not rejected here: no root pool is set
	// and the raw string is still passed to photon.NewClient below.
	// NOTE(review): IgnoreCertificate presumably disables server certificate
	// verification inside the photon client. Confirm, and treat it as a
	// lab-only setting if so.
	target, parseErr := url.Parse(config.CloudTarget)
	verifyHTTPS := parseErr == nil && target.Scheme == "https" && !config.IgnoreCertificate
	if verifyHTTPS {
		pool, loadErr := cf.GetCertsFromLocalStore()
		if loadErr != nil {
			return nil, loadErr
		}
		options.RootCAs = pool
	}

	return photon.NewClient(config.CloudTarget, options, logger), nil
}