Switch from bremcl/rootcerts to x/crypto/x509roots
stapelberg opened this issue · comments
Michael Stapelberg commented
We first need to add a Bundle() accessor to the x509roots/fallback package, then we can dump the certificates (in internal/packer/cacerts.go
) like so:
b := new(bytes.Buffer)
for _, cert := range fallback.Bundle() {
fmt.Fprintf(b, "# %s\n# %x\n", cert.Subject.String(), sha256.Sum256(cert.Raw))
pem.Encode(b, &pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw})
}
return string(b.Bytes()), nil