From 56495e43ee009b28f992a67febecee03db2e2b62 Mon Sep 17 00:00:00 2001 From: Anna Khmelnitsky Date: Fri, 17 Apr 2020 15:44:46 -0700 Subject: [PATCH] Fix client auth in policy resources Following SDK change that validates http security context to contain auth type, we need to avoid setting http security context when TLS client auth is responsible for authentication. --- nsxt/provider.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/nsxt/provider.go b/nsxt/provider.go index 1be79b536..853933f98 100644 --- a/nsxt/provider.go +++ b/nsxt/provider.go @@ -507,7 +507,9 @@ func configurePolicyConnectorData(d *schema.ResourceData, clients *nsxtClients) httpClient := http.Client{Transport: tr} clients.PolicyHTTPClient = &httpClient - clients.PolicySecurityContext = securityCtx + if securityContextNeeded { + clients.PolicySecurityContext = securityCtx + } clients.Host = host return nil @@ -534,6 +536,8 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) { func getPolicyConnector(clients interface{}) *client.RestConnector { c := clients.(nsxtClients) connector := client.NewRestConnector(c.Host, *c.PolicyHTTPClient) - connector.SetSecurityContext(c.PolicySecurityContext) + if c.PolicySecurityContext != nil { + connector.SetSecurityContext(c.PolicySecurityContext) + } return connector }