From 44177b9e584e0a296dc92f33e460948fecec200f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= <i@sekai.icu>
Date: Thu, 13 Feb 2025 09:09:26 +0800
Subject: [PATCH] Fix Android certificate initialize

---
 common/certificate/store.go | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/common/certificate/store.go b/common/certificate/store.go
index e42de5f9..24ed54e6 100644
--- a/common/certificate/store.go
+++ b/common/certificate/store.go
@@ -33,16 +33,14 @@ func NewStore(ctx context.Context, logger logger.Logger, options option.Certific
 	var systemPool *x509.CertPool
 	switch options.Store {
 	case C.CertificateStoreSystem, "":
-		platformInterface := service.FromContext[platform.Interface](ctx)
-		systemCertificates := platformInterface.SystemCertificates()
-		if len(systemCertificates) > 0 {
-			systemPool = x509.NewCertPool()
-			for _, cert := range systemCertificates {
-				if !systemPool.AppendCertsFromPEM([]byte(cert)) {
-					return nil, E.New("invalid system certificate PEM: ", cert)
-				}
+		systemPool = x509.NewCertPool()
+		var systemValid bool
+		for _, cert := range service.FromContext[platform.Interface](ctx).SystemCertificates() {
+			if systemPool.AppendCertsFromPEM([]byte(cert)) {
+				systemValid = true
 			}
-		} else {
+		}
+		if !systemValid {
 			certPool, err := x509.SystemCertPool()
 			if err != nil {
 				return nil, err