func (h *certRequestHandler) validateCert(cert *ssh.Certificate, authorizedSigners map[string]string) error {
var certChecker ssh.CertChecker
certChecker.IsAuthority = func(auth ssh.PublicKey) bool {
fingerprint := ssh_ca_util.MakeFingerprint(auth.Marshal())
_, ok := authorizedSigners[fingerprint]
return ok
}
err := certChecker.CheckCert(cert.ValidPrincipals[0], cert)
if err != nil {
err := fmt.Errorf("Cert not valid: %v", err)
return err
}
return nil
}
