From 72eb82b6872a135673aae5fc0cd2359e67687165 Mon Sep 17 00:00:00 2001 From: Johan Thomsen Date: Fri, 24 Aug 2018 11:54:21 +0200 Subject: [PATCH] certmgr: Add patch for optional trust of self-signed certificates at remote cfssl apiserver --- pkgs/tools/security/certmgr/default.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/security/certmgr/default.nix b/pkgs/tools/security/certmgr/default.nix index fa3076e8b593..28cdcfdad084 100644 --- a/pkgs/tools/security/certmgr/default.nix +++ b/pkgs/tools/security/certmgr/default.nix @@ -1,4 +1,4 @@ -{ stdenv, buildGoPackage, fetchFromGitHub }: +{ stdenv, buildGoPackage, fetchFromGitHub, fetchpatch }: buildGoPackage rec { version = "1.6.1"; @@ -13,6 +13,16 @@ buildGoPackage rec { sha256 = "1ky2pw1wxrb2fxfygg50h0mid5l023x6xz9zj5754a023d01qqr2"; }; + # The following patch makes it possible to use a self-signed x509 cert + # for the cfssl apiserver. + # TODO: remove patch when PR is merged. + patches = [ + (fetchpatch { + url = "https://github.com/cloudflare/certmgr/pull/51.patch"; + sha256 = "0jhsw159d2mgybvbbn6pmvj4yqr5cwcal5fjwkcn9m4f4zlb6qrs"; + }) + ]; + meta = with stdenv.lib; { homepage = https://cfssl.org/; description = "Cloudflare's certificate manager";