add --self-signed flag to conjur logon

infamousjoeg · infamousjoeg · Jan 27, 2021 · Jan 20, 2021 · Jan 20, 2021 · Jan 20, 2021
commit 453ebeccacbefee7ee2d5f9294abfd222607a9fb
diff --git a/cmd/conjur.go b/cmd/conjur.go
@@ -99,9 +99,14 @@ var conjurLogonCmd = &cobra.Command{
 		}
 
 		netrcPath := fmt.Sprintf("%s/.netrc", homeDir)
-		certPath := fmt.Sprintf("%s/conjur-%s.pem", homeDir, Account)
 
-		err = conjur.CreateConjurRc(Account, BaseURL)
+		// certPath remains empty if not using self-signed-cert
+		certPath := ""
+		if InsecureTLS {
+			certPath = fmt.Sprintf("%s/conjur-%s.pem", homeDir, Account)
+		}
+
+		err = conjur.CreateConjurRc(Account, BaseURL, InsecureTLS)
 		if err != nil {
 			log.Fatalf("Failed to create ~/.conjurrc file. %s\n", err)
 		}
@@ -391,6 +396,7 @@ func init() {
 	conjurLogonCmd.MarkFlagRequired("account")
 	conjurLogonCmd.Flags().StringVarP(&BaseURL, "base-url", "b", "", "Conjur appliance URL")
 	conjurLogonCmd.MarkFlagRequired("base-url")
+	conjurLogonCmd.Flags().BoolVar(&InsecureTLS, "self-signed", false, "Retrieve and use self-signed certificate when sending requests to the Conjur API")
 
 	// append-policy
 	conjurAppendPolicyCmd.Flags().StringVarP(&PolicyBranch, "branch", "b", "", "The policy branch in which policy is being loaded")