Golang crypto/tls.Client and ConnectionState functions example
package crypto/tls
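Client returns a new TLS client side connection using conn as the underlying transport. The config cannot be nil: users must set either ServerName or InsecureSkipVerify in the config. Setting InsecureSkipVerify turns off verification of the server's certificate chain and host name, so ServerName is the option to set whenever the peer's identity matters.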
ConnectionState returns basic TLS details about the connection.
Golang crypto/tls.Client and ConnectionState functions usage example
package main
import (
"fmt"
"crypto/tls"
"crypto/x509"
)
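// main dials mail.google.com:443 over TLS with a custom root-certificate
// pool, wraps the resulting connection with tls.Client, and prints the
// ConnectionState of that wrapper.
func main() {
	// Connecting with a custom root-certificate set.
	// The certificate body is not reproduced on this page; paste the PEM
	// data of the trusted root between the markers, otherwise
	// AppendCertsFromPEM reports failure and the program panics below.
	const rootPEM = `
-----BEGIN CERTIFICATE-----
<PEM body of the trusted root certificate goes here>
-----END CERTIFICATE-----`

	// First, create the set of root certificates. For this example we only
	// have one. It's also possible to omit this in order to use the
	// default root set of the current operating system.
	roots := x509.NewCertPool()
	if ok := roots.AppendCertsFromPEM([]byte(rootPEM)); !ok {
		panic("failed to parse root certificate")
	}

	// InsecureSkipVerify is left unset on purpose: when it is true the
	// client accepts any certificate for any host name, so RootCAs and
	// ServerName would no longer constrain which server is trusted.
	conn, err := tls.Dial("tcp", "mail.google.com:443", &tls.Config{
		RootCAs:    roots,
		ServerName: "mail.google.com",
	})
	if err != nil {
		panic("failed to connect: " + err.Error())
	}
	// Deferred calls run last-in-first-out, so tlsConn is closed before conn.
	defer conn.Close()

	// tls.Client requires a non-nil config with ServerName or
	// InsecureSkipVerify set; ServerName keeps verification enabled.
	tlsConn := tls.Client(conn, &tls.Config{
		RootCAs:    roots,
		ServerName: "mail.google.com",
	})
	defer tlsConn.Close()

	// No Handshake is run on tlsConn (conn already completed its own
	// handshake inside tls.Dial), so the state read here is the
	// pre-handshake zero value. PeerCertificates and VerifiedChains are
	// only meaningful once HandshakeComplete reports true.
	connstate := tlsConn.ConnectionState()

	fmt.Printf("Version : %x\n", connstate.Version)
	fmt.Printf("HandshakeComplete : %v\n", connstate.HandshakeComplete)
	fmt.Printf("DidResume : %v\n", connstate.DidResume)
	fmt.Printf("CipherSuite : %x\n", connstate.CipherSuite)
	fmt.Printf("NegotiatedProtocol : %x\n", connstate.NegotiatedProtocol)
	fmt.Printf("NegotiatedProtocolIsMutual : %v\n", connstate.NegotiatedProtocolIsMutual)
	fmt.Printf("ServerName : %s\n", connstate.ServerName)

	// Print the certificate subject rather than the address of the slice
	// element, which says nothing about the peer.
	for i, cert := range connstate.PeerCertificates {
		fmt.Printf("PeerCertificate %d : %s\n", i, cert.Subject)
	}

	// Each verified chain is a slice of certificates; report its length.
	for r, chain := range connstate.VerifiedChains {
		fmt.Printf("Verified Chains %d : %d certificate(s)\n", r, len(chain))
	}
}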
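Example output (every field is still at its zero value because no handshake was performed on the connection returned by tls.Client) :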
Version : 0
HandshakeComplete : false
DidResume : false
CipherSuite : 0
NegotiatedProtocol :
NegotiatedProtocolIsMutual : false
ServerName :
References :
http://golang.org/pkg/crypto/tls/#Client