Compile in CA Certificates

nerves-hub · Dec 14, 2018 · 1a179d4 · 1a179d4
1 parent 419f8b9
commit 1a179d4
Showing 1 changed file with 20 additions and 13 deletions.
diff --git a/lib/nerves_hub/certificate.ex b/lib/nerves_hub/certificate.ex
@@ -2,6 +2,25 @@ defmodule NervesHub.Certificate do
   @public_keys Application.get_env(:nerves_hub, :public_keys, [])
                |> NervesHubCLI.public_keys()
 
+  ca_cert_path =
+  Application.get_env(:nerves_hub_core, :ca_certs) || System.get_env("NERVES_HUB_CA_CERTS") ||
+    :code.priv_dir(:nerves_hub_core)
+    |> to_string()
+    |> Path.join("ca_certs")
+
+  ca_certs =
+    ca_cert_path
+    |> File.ls!()
+    |> Enum.map(&File.read!(Path.join(ca_cert_path, &1)))
+    |> Enum.map(fn
+      <<"-----BEGIN", _rest::binary>> = cert ->
+        [{_, cert, _}] = :public_key.pem_decode(cert)
+        cert
+      _ -> ""
+    end)
+
+  @ca_certs ca_certs
+
   def pem_to_der(<<"-----BEGIN", _rest::binary>> = cert) do
     [{_, cert, _}] = :public_key.pem_decode(cert)
     cert
@@ -11,19 +30,7 @@ defmodule NervesHub.Certificate do
   def pem_to_der(""), do: ""
 
   def ca_certs do
-    ca_cert_path =
-      if cert_path = Application.get_env(:nerves_hub, :ca_certs) do
-        cert_path
-      else
-        :code.priv_dir(:nerves_hub)
-        |> to_string()
-        |> Path.join("ca_certs")
-      end
-
-    ca_cert_path
-    |> File.ls!()
-    |> Enum.map(&File.read!(Path.join(ca_cert_path, &1)))
-    |> Enum.map(&pem_to_der/1)
+    @ca_certs
   end
 
   def public_keys do