From 5d55496173541a101f3e164196a891b443349b28 Mon Sep 17 00:00:00 2001
From: achenging <2787641+achenging@users.noreply.github.com>
Date: Mon, 20 Jan 2025 22:16:49 +0800
Subject: [PATCH] fix: remove the private-key and certificate props to add the
 custom certs. change the custom-certificates  to use  PEM format instead of
 DER

---
 component/ca/config.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/component/ca/config.go b/component/ca/config.go
index 9d002db6..874e74b5 100644
--- a/component/ca/config.go
+++ b/component/ca/config.go
@@ -7,8 +7,10 @@ import (
 	"crypto/x509"
 	_ "embed"
 	"encoding/hex"
+	"encoding/pem"
 	"errors"
 	"fmt"
+	"log"
 	"os"
 	"strconv"
 	"strings"
@@ -33,8 +35,16 @@ func AddCertificate(certificate string) error {
 	if certificate == "" {
 		return fmt.Errorf("certificate is empty")
 	}
-	if cert, err := x509.ParseCertificate([]byte(certificate)); err == nil {
+
+	block, _ := pem.Decode([]byte(certificate))
+	if block == nil {
+		log.Fatalln("failed to parse PEM block containing the certificate")
+		return fmt.Errorf("decode certificate failed")
+	}
+
+	if cert, err := x509.ParseCertificate(block.Bytes); err == nil {
 		trustCerts = append(trustCerts, cert)
+		globalCertPool.AddCert(cert)
 		return nil
 	} else {
 		return fmt.Errorf("add certificate failed")