Open srinivasvenu opened 5 years ago
Does anybody have the answer to my query..actually i'm stuck with the implementation of my project at last stage due to this unknown area..
The simplest way to replace x509.SystemCertPool
with something using openSSL is probably to copy the loadSystemRoots()
functions from src/crypto/x509/root_*.go
in the Go stdlib source, and change a few calls so that they use openSSL objects instead of x509.CertPool
. For example, instead of NewCertPool()
you might use openssl.NewCertificateStore()
.
Hi, I could not find the api to generate the caBundle using the openssl which i have currently in crypto/x509. Following are the api's i know in crypto/x509 to generate the clientTls (tls.config) caBundle, err := x509.SystemCertPool() or caBundle = x509.NewCertPool() caBundle.AppendCertsFromPEM(caFile)
clientTls := tls.Config{ RootCAs: caBundle, Renegotiation: tls.RenegotiateFreelyAsClient, }
Any equivalent api's to access the openssl instead of crypto/x509..