func (h *certRequestHandler) validateCert(cert *ssh.Certificate, authorizedSigners map[string]string) error { var certChecker ssh.CertChecker certChecker.IsAuthority = func(auth ssh.PublicKey) bool { fingerprint := ssh_ca_util.MakeFingerprint(auth.Marshal()) _, ok := authorizedSigners[fingerprint] return ok } err := certChecker.CheckCert(cert.ValidPrincipals[0], cert) if err != nil { err := fmt.Errorf("Cert not valid: %v", err) return err } return nil }