Fixed ca-certs generation (#25)

engity-com · Oct 15, 2024 · e5aaa24 · e5aaa24
1 parent 1ff33b7
commit e5aaa24
Show file tree

Hide file tree

Showing 2 changed files with 2,062 additions and 1 deletion.
diff --git a/cmd/build/dependencies-ca-certs.go b/cmd/build/dependencies-ca-certs.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"context"
+	"encoding/hex"
 	"encoding/pem"
 	"fmt"
 	"io"
@@ -107,10 +108,15 @@ func (this *dependenciesCaCerts) generate(ctx context.Context, to io.Writer) err
 		if err := ctx.Err(); err != nil {
 			return err
 		}
-		if cert.Trust != certparse.ServerTrustedDelegator {
+		if (cert.Trust & certparse.ServerTrustedDelegator) == 0 {
 			continue
 		}
 
+		log.With("subject", cert.Cert.Subject).
+			With("label", cert.Label).
+			With("serial", hex.EncodeToString(cert.Cert.SerialNumber.Bytes())).
+			Trace("ca cert added")
+
 		if err := pem.Encode(to, &pem.Block{
 			Type:  "CERTIFICATE",
 			Bytes: cert.Data,