Resolve certificate references in ONC by PEM.

chromeos/network/managed_network_configuration_handler.cc

Index: chromeos/network/managed_network_configuration_handler.cc
diff --git a/chromeos/network/managed_network_configuration_handler.cc b/chromeos/network/managed_network_configuration_handler.cc
index 0009231da0670943e4ce67e613f0001da8b365a4..7543a52f1e38342bdaf0827fdaa382e649ff7980 100644
--- a/chromeos/network/managed_network_configuration_handler.cc
+++ b/chromeos/network/managed_network_configuration_handler.cc
@@ -45,6 +45,8 @@ namespace {
 
 // These are error strings used for error callbacks. None of these error
 // messages are user-facing: they should only appear in logs.
+const char kCertificatesNotLoadedMessage[] = "Certificates not loaded.";
+const char kCertificatesNotLoaded[] = "Error.CertificatesNotLoaded";
 const char kInvalidUserSettingsMessage[] = "User settings are invalid.";
 const char kInvalidUserSettings[] = "Error.InvalidUserSettings";
 const char kNetworkAlreadyConfiguredMessage[] =
@@ -197,9 +199,15 @@ scoped_ptr<base::DictionaryValue> CreateShillConfiguration(
 
   effective->SetStringWithoutPathExpansion(onc::network_config::kGUID, guid);
 
+  net::CertificateList server_and_ca_certs;
+  // TODO(pneubeck): Obtain list of server/ca certificates here.
+
   scoped_ptr<base::DictionaryValue> shill_dictionary(
-      onc::TranslateONCObjectToShill(&onc::kNetworkConfigurationSignature,
-                                     *effective));
+      onc::TranslateONCObjectToShill(
+          &onc::kNetworkConfigurationSignature,
+          *effective,
+          base::Bind(&onc::GetPEMEncodedCertFromFingerprint,
+                     server_and_ca_certs)));
 
   shill_dictionary->SetStringWithoutPathExpansion(flimflam::kProfileProperty,
                                                   profile.path);