客户端
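// Client-side TLS settings for mutual authentication.
//
// Certificates holds the client certificate presented to the server. It must
// be the tls.Certificate value that tls.LoadX509KeyPair returns (named cert in
// the full listing on this page); crt is passed to LoadX509KeyPair as the
// certificate file path, so it cannot be an element of []tls.Certificate.
//
// RootCAs is the CA pool the client uses to verify the server certificate.
//
// InsecureSkipVerify stays false (which is also the zero value) so crypto/tls
// verifies the server's chain against RootCAs and checks the host name.
//
// MinVersion refuses protocol versions older than TLS 1.2; older Go releases
// otherwise let a client negotiate TLS 1.0/1.1.
config := &tls.Config{
	Certificates:       []tls.Certificate{cert},
	RootCAs:            pool,
	InsecureSkipVerify: false,
	MinVersion:         tls.VersionTLS12,
}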
客户端 TLS 配置说明:
Certificates:客户端证书,在服务端要求客户端证书时出示。
RootCAs:用于验证服务端证书的根证书池。为简单起见,这里使用自签名方案,只用 1 个根证书同时签发客户端证书和服务端证书。
InsecureSkipVerify:保持 false(默认值),客户端才会校验服务端证书链和主机名。
func main() {
flag.Parse()
buf, err := ioutil.ReadFile("ca.crt")
if err != nil {
return
}
pool := x509.NewCertPool()
pool.AppendCertsFromPEM(buf)
cert, err := tls.LoadX509KeyPair(crt, key)
if err != nil {
log.Fatalln(err)
}
config := &tls.Config{
Certificates: []tls.Certificate{crt},
RootCAs: pool,
InsecureSkipVerify: false,
}
//注意这里要使用证书中包含的主机名称
conn, err := tls.Dial("tcp", addr+":8888", config)
if err != nil {
log.Fatal