Golang crypto/tls.Client and ConnectionState functions example
package crypto/tls
Client returns a new TLS client side connection using conn as the underlying transport. The config cannot be nil: users must set either ServerName or InsecureSkipVerify in the config.
ConnectionState returns basic TLS details about the connection.
Golang crypto/tls.Client and ConnectionState functions usage example
package main
import (
"fmt"
"crypto/tls"
"crypto/x509"
)
func main() {
// Connecting with a custom root-certificate set.
const rootPEM = `
-----BEGIN CERTIFICATE-----
MIIEBDCCAuygAwIBAgIDAjppMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTUwNDA0MTUxNTU1WjBJMQswCQYDVQQG
EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy
bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP
VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv
h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE
ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ
EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC
DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB+zCB+DAfBgNVHSMEGDAWgBTAephojYn7
qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD
VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2g
K4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwPQYI
KwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vZ3RnbG9iYWwtb2NzcC5n
ZW90cnVzdC5jb20wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMA0GCSqGSIb3DQEB
BQUAA4IBAQA21waAESetKhSbOHezI6B1WLuxfoNCunLaHtiONgaX4PCVOzf9G0JY
/iLIa704XtE7JW4S615ndkZAkNoUyHgN7ZVm2o6Gb4ChulYylYbc3GrKBIxbf/a/
zG+FA1jDaFETzf3I93k9mTXwVqO94FntT0QJo544evZG0R0SnU++0ED8Vf4GXjza
HFa9llF7b1cq26KqltyMdMKVvvBulRP/F/A8rLIQjcxz++iPAsbw+zOzlTvjwsto
WHPbqCRiOwY1nQ2pM714A5AuTHhdUDqB1O6gyHA43LL5Z/qHQF1hwFGPa4NrzQU6
yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx
-----END CERTIFICATE-----`
// First, create the set of root certificates. For this example we only
// have one. It's also possible to omit this in order to use the
// default root set of the current operating system.
roots := x509.NewCertPool()
ok := roots.AppendCertsFromPEM([]byte(rootPEM))
if !ok {
panic("failed to parse root certificate")
}
conn, err := tls.Dial("tcp", "mail.google.com:443", &tls.Config{
RootCAs: roots,ServerName: "mail.google.com", InsecureSkipVerify: true,
})
if err != nil {
panic("failed to connect: " + err.Error())
}
// populate tls.Config with dummy data
tlsConn := tls.Client(conn, &tls.Config{
RootCAs: roots,ServerName : "mail.google.com", InsecureSkipVerify: true,
})
// skip Handshake ... not with google mail server
connstate := tlsConn.ConnectionState()
fmt.Printf("Version : %x\n", connstate.Version)
fmt.Printf("HandshakeComplete : %v\n", connstate.HandshakeComplete)
fmt.Printf("DidResume : %v\n", connstate.DidResume)
fmt.Printf("CipherSuite : %x\n", connstate.CipherSuite)
fmt.Printf("NegotiatedProtocol : %x\n", connstate.NegotiatedProtocol)
fmt.Printf("NegotiatedProtocolIsMutual : %v\n", connstate.NegotiatedProtocolIsMutual)
fmt.Printf("ServerName : %s\n", connstate.ServerName)
for i := range connstate.PeerCertificates {
peercert := &connstate.PeerCertificates[i]
fmt.Printf("PeerCertificate %d : %d\n", i, peercert)
}
for r := range connstate.VerifiedChains {
vchains := &connstate.VerifiedChains[r]
fmt.Printf("Verified Chains %d : %d\n", r, vchains)
}
tlsConn.Close()
conn.Close()
}
Example output :
Version : 0
HandshakeComplete : false
DidResume : false
CipherSuite : 0
NegotiatedProtocol :
NegotiatedProtocolIsMutual : false
ServerName :
References :
http://golang.org/pkg/crypto/tls/#Client
Advertisement
Something interesting
Tutorials
+12.8k Swift : Convert (cast) Int or int32 value to CGFloat
+18.8k Golang : Delete duplicate items from a slice/array
+6.9k Golang : Calculate BMI and risk category
+11.4k Golang : Delay or limit HTTP requests example
+12.5k Golang : HTTP response JSON encoded data
+39k Golang : How to iterate over a []string(array)
+8.3k Golang : Auto-generate reply email with text/template package
+10.1k Golang : Identifying Golang HTTP client request
+25.3k Golang : Convert uint value to string type
+19.6k Golang : Set or Add HTTP Request Headers
+7.4k Android Studio : How to detect camera, activate and capture example
+7.5k Golang : Gorrila set route name and get the current route name