From 2ec431557cf74e0c049f2238508f0d4524e60080 Mon Sep 17 00:00:00 2001
From: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Date: Mon, 5 May 2025 15:54:07 -0400
Subject: [PATCH] Add IConfiguration

---
 util/Setup/Program.cs | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/util/Setup/Program.cs b/util/Setup/Program.cs
index 25062e6bbe..d3fca08a9e 100644
--- a/util/Setup/Program.cs
+++ b/util/Setup/Program.cs
@@ -3,6 +3,7 @@ using System.Net.Http.Json;
 using Bit.Core.Settings;
 using Bit.Migrator;
 using Bit.Setup.Enums;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 
@@ -288,9 +289,20 @@ public class Program
                 url = $"{installationUrl}/installations/";
             }
 
+            var config = new ConfigurationBuilder()
+                .AddInMemoryCollection(new Dictionary<string, string>
+                {
+                    // Setup uses a different default location for the location of the CA certificates.
+                    ["X509ChainOptions:AdditionalCustomTrustCertificatesDirectory"] = "/bitwarden/ca-certificates",
+                })
+                // Still allow customization through environment variables though
+                .AddEnvironmentVariables()
+                .Build();
+
             // We need to get an HttpClient that has been configured with custom trust certificates.
             var httpClient = new ServiceCollection()
                 .AddX509ChainCustomization()
+                .AddSingleton<IConfiguration>(config)
                 // Setup is always ran for self hosted, so it's fine to hard code this to true and allow chain customization
                 .AddSingleton(new GlobalSettings { SelfHosted = true })
                 .AddLogging()