From 1e98037ab04ba1d4f093ecb27338f141d681b5bd Mon Sep 17 00:00:00 2001
From: Pascal Budner <mail@pascalbudner.de>
Date: Mon, 16 Mar 2020 17:41:50 +0100
Subject: [PATCH] Fixes #2889 by supporting CRLF and LF certificates and adding
 logging when parsing certificates

---
 lib/fluent/plugin_helper/cert_option.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/fluent/plugin_helper/cert_option.rb b/lib/fluent/plugin_helper/cert_option.rb
index bf8414d7ba..4399b5be15 100644
--- a/lib/fluent/plugin_helper/cert_option.rb
+++ b/lib/fluent/plugin_helper/cert_option.rb
@@ -171,9 +171,12 @@ def cert_option_generate_server_pair_self_signed(generate_opts)
 
       def cert_option_certificates_from_file(path)
         data = File.read(path)
-        pattern = Regexp.compile('-+BEGIN CERTIFICATE-+\n(?:[^-]*\n)+-+END CERTIFICATE-+\n?', Regexp::MULTILINE)
+        pattern = Regexp.compile('-+BEGIN CERTIFICATE-+\r?\n(?:[^-]*\r?\n)+-+END CERTIFICATE-+\r?\n?', Regexp::MULTILINE)
         list = []
         data.scan(pattern){|match| list << OpenSSL::X509::Certificate.new(match) }
+        if list.length() == 0
+          log.warn “cert_path does contain a valid certificate”
+        end
         list
       end
     end