From f1a8bbc9933b9939b52ee43062336f9385b62e04 Mon Sep 17 00:00:00 2001
From: Arik Hadas <ahadas@redhat.com>
Date: Wed, 15 May 2024 23:48:02 +0300
Subject: [PATCH] another attempt

Signed-off-by: Arik Hadas <ahadas@redhat.com>
---
 pkg/forklift-api/services/tls-certificate.go | 1 +
 pkg/lib/util/util.go                         | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/pkg/forklift-api/services/tls-certificate.go b/pkg/forklift-api/services/tls-certificate.go
index c06ce665c..0ebeab577 100644
--- a/pkg/forklift-api/services/tls-certificate.go
+++ b/pkg/forklift-api/services/tls-certificate.go
@@ -23,6 +23,7 @@ func serveTlsCertificate(resp http.ResponseWriter, req *http.Request, client cli
 				Bytes: cacert.Raw,
 			})
 			if _, err := resp.Write(encoded); err == nil {
+				resp.Header().Set("Content-Type", "text/plain")
 				resp.WriteHeader(http.StatusOK)
 			} else {
 				msg := fmt.Sprintf("failed to write certificate: %s", string(encoded))
diff --git a/pkg/lib/util/util.go b/pkg/lib/util/util.go
index df05a0bdc..4622aa1b8 100644
--- a/pkg/lib/util/util.go
+++ b/pkg/lib/util/util.go
@@ -27,7 +27,7 @@ func GetTlsCertificate(url *liburl.URL, secret *core.Secret) (crt *x509.Certific
 
 	conn, err := tls.Dial("tcp", host, cfg)
 	if err == nil && len(conn.ConnectionState().PeerCertificates) > 0 {
-		crt, err = x509.ParseCertificate(conn.ConnectionState().PeerCertificates[0].Raw)
+		crt = conn.ConnectionState().PeerCertificates[0]
 	} else {
 		err = liberr.Wrap(err, "url", url)
 	}