spacemonkeygo / openssl

OpenSSL bindings for Go
http://godoc.org/github.com/spacemonkeygo/openssl
Apache License 2.0

Any equivalent api for x509.SystemCertPool() to get caBundle #128

Open srinivasvenu opened 5 years ago

srinivasvenu commented 5 years ago

Hi, I could not find the API to generate the caBundle using openssl, which I currently have in crypto/x509. The following are the APIs I know in crypto/x509 to generate the clientTls (tls.Config):

    caBundle, err := x509.SystemCertPool()

or

    caBundle = x509.NewCertPool()
    caBundle.AppendCertsFromPEM(caFile)

    clientTls := tls.Config{
        RootCAs:       caBundle,
        Renegotiation: tls.RenegotiateFreelyAsClient,
    }

Are there any equivalent APIs to access openssl instead of crypto/x509?

srinivasvenu commented 5 years ago

Does anybody have the answer to my query? Actually, I'm stuck with the implementation of my project at the last stage due to this unknown area.

thepaul commented 4 years ago

The simplest way to replace x509.SystemCertPool with something using OpenSSL is probably to copy the loadSystemRoots() functions from src/crypto/x509/root_*.go in the Go stdlib source, and change a few calls so that they use OpenSSL objects instead of x509.CertPool. For example, instead of NewCertPool() you might use openssl.NewCertificateStore().
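One way to follow that suggestion, as an added example that is not code from this thread or from the openssl project, narrowed to the Linux bundle-file lookup (the stdlib version also honors SSL_CERT_FILE and certificate directories). The names `loadSystemRoots`, `countCerts`, `linuxCertFiles` and the `add` callback are chosen here; passing `store.LoadCertificatesFromPEM` from a store created with `openssl.NewCertificateStore()` as `add` assumes that method takes a `[]byte` and returns an `error`.

```go
package main

import (
	"encoding/pem"
	"fmt"
	"os"
)

// Candidate bundle paths, as listed in Go's crypto/x509 root_linux.go.
var linuxCertFiles = []string{
	"/etc/ssl/certs/ca-certificates.crt", "/etc/pki/tls/certs/ca-bundle.crt",
	"/etc/ssl/ca-bundle.pem", "/etc/pki/tls/cacert.pem",
	"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", "/etc/ssl/cert.pem",
}

// countCerts returns the number of CERTIFICATE blocks in a PEM bundle.
func countCerts(data []byte) (n int) {
	for b, rest := pem.Decode(data); b != nil; b, rest = pem.Decode(rest) {
		if b.Type == "CERTIFICATE" {
			n++
		}
	}
	return n
}

// loadSystemRoots hands the first usable bundle to add and returns its path and
// certificate count. It returns an error when nothing was loaded, so a caller
// cannot silently continue with an empty trust store.
func loadSystemRoots(add func(pemBundle []byte) error, files []string) (string, int, error) {
	for _, f := range files {
		data, err := os.ReadFile(f)
		n := countCerts(data)
		if err != nil || n == 0 {
			continue // missing, unreadable, or holds no certificates
		}
		if err := add(data); err != nil {
			return f, 0, fmt.Errorf("loading %s: %w", f, err)
		}
		return f, n, nil
	}
	return "", 0, fmt.Errorf("no system CA bundle found; store left empty")
}

func main() {
	// Stand-in callback so the example runs without cgo. With the openssl
	// package, pass store.LoadCertificatesFromPEM instead (assumed signature).
	discard := func([]byte) error { return nil }
	fmt.Println(loadSystemRoots(discard, linuxCertFiles))
}
```

The returned count is worth logging at startup: a count of zero or an error here means certificate verification would have no roots to chain to.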