From 990db89fd29b262093b6d0bdc1cef366e9b9cf8f Mon Sep 17 00:00:00 2001
From: Marcus Bowyer <marcus@euarctos.com>
Date: Wed, 12 Apr 2023 21:15:55 -0700
Subject: [PATCH] Don't use ServerCertificateCustomValidationCallback when no
 CA is set

---
 src/KubernetesClient/Kubernetes.ConfigInit.cs | 18 +-----------------
 1 file changed, 1 insertion(+), 17 deletions(-)

diff --git a/src/KubernetesClient/Kubernetes.ConfigInit.cs b/src/KubernetesClient/Kubernetes.ConfigInit.cs
index b77931d5f..7fc808b9f 100644
--- a/src/KubernetesClient/Kubernetes.ConfigInit.cs
+++ b/src/KubernetesClient/Kubernetes.ConfigInit.cs
@@ -72,28 +72,12 @@ private void InitializeFromConfig(KubernetesClientConfiguration config)
                 }
                 else
                 {
-                    if (CaCerts == null)
+                    if (CaCerts != null)
                     {
-                        var store = new X509Store(
-                            StoreName.CertificateAuthority,
-                            StoreLocation.CurrentUser);
 #if NET5_0_OR_GREATER
                         HttpClientHandler.SslOptions.RemoteCertificateValidationCallback =
 #else
                         HttpClientHandler.ServerCertificateCustomValidationCallback =
-#endif
-                            (sender, certificate, chain, sslPolicyErrors) =>
-                            {
-                                return CertificateValidationCallBack(sender, store.Certificates, certificate, chain,
-                                    sslPolicyErrors);
-                            };
-                    }
-                    else
-                    {
-#if NET5_0_OR_GREATER
-                        HttpClientHandler.SslOptions.RemoteCertificateValidationCallback =
-#else
-                    HttpClientHandler.ServerCertificateCustomValidationCallback =
 #endif
                             (sender, certificate, chain, sslPolicyErrors) =>
                             {