Ignore non-fatal errors when parsing root certificates

2016-02-05 07:57:15 -08:00 · 2016-02-05 07:57:15 -08:00 · e73a5a89a7
parent 678e8bddc8
commit e73a5a89a7
1 changed files with 10 additions and 1 deletions
--- a/helpers.go
+++ b/helpers.go
@ -88,10 +88,19 @@ func allDNSNames (cert *x509.Certificate) []string {
 	return dnsNames
 }

+func isNonFatalError (err error) bool {
+	switch err.(type) {
+	case x509.NonFatalErrors:
+		return true
+	default:
+		return false
+	}
+}
+
 func getRoot (chain []ct.ASN1Cert) *x509.Certificate {
 	if len(chain) > 0 {
 		root, err := x509.ParseCertificate(chain[len(chain)-1])
-		if err == nil {
+		if err == nil || isNonFatalError(err) {
 			return root
 		}
 		log.Printf("Failed to parse root certificate: %s", err)