From a7fcfe0e4ebb5119f8c82fe0010862a143e635eb Mon Sep 17 00:00:00 2001
From: Mariano Cano <mariano.cano@gmail.com>
Date: Tue, 30 Aug 2022 17:11:44 -0700
Subject: [PATCH] Verify with roots and intermediates

---
 cas/softcas/softcas_test.go | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/cas/softcas/softcas_test.go b/cas/softcas/softcas_test.go
index f8d940b3..8867b9b4 100644
--- a/cas/softcas/softcas_test.go
+++ b/cas/softcas/softcas_test.go
@@ -489,12 +489,15 @@ func TestSoftCAS_CreateCertificate_ec_rsa(t *testing.T) {
 		t.Errorf("Certificate.SignatureAlgorithm = %v, want %v", iss.SignatureAlgorithm, x509.SHA256WithRSAPSS)
 	}
 
-	pool := x509.NewCertPool()
-	pool.AddCert(iss)
+	roots := x509.NewCertPool()
+	roots.AddCert(root)
+	intermediates := x509.NewCertPool()
+	intermediates.AddCert(iss)
 	if _, err = cert.Certificate.Verify(x509.VerifyOptions{
-		CurrentTime: time.Now(),
-		Roots:       pool,
-		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
+		CurrentTime:   time.Now(),
+		Roots:         roots,
+		Intermediates: intermediates,
+		KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
 	}); err != nil {
 		t.Errorf("Certificate.Verify() error = %v", err)
 	}