// Only grab certificate if on a loopback device
if difftool.specifiedRef.IsHttps() && isURLLoopBack(options.sourceUrl) {
cert, err := utils.GetCertificate(difftool.utils, options.sourceUrl, options.sourceUsername,
options.sourcePassword, xdcrBase.HttpAuthMechPlain)
if err != nil {
return err
}
internalHttpsHostname, _, err := difftool.utils.HttpsRemoteHostAddr(options.sourceUrl, nil)
if err != nil {
return fmt.Errorf("unable to get httpsRemoteHostAddr: %v", err)
}
difftool.selfRef.Certificate_ = cert
refHttpAuthMech, defaultPoolInfo, _, err := difftool.utils.GetSecuritySettingsAndDefaultPoolInfo(options.sourceUrl,
internalHttpsHostname, difftool.selfRef.UserName(), difftool.selfRef.Password(),
difftool.selfRef.Certificates(), difftool.selfRef.ClientCertificate(), difftool.selfRef.ClientKey(),
difftool.selfRef.IsHalfEncryption(), difftool.logger)
This logic is incorrect as it is possible the source cluster's cert is invalid for loopback address.
This logic is incorrect as it is possible the source cluster's cert is invalid for loopback address.