Look at the ""crypto/x509" package, specifically at CertPool. You would load your CA public cert and intermediate cert's into a CertPool.
Once you have a CertPool, you can use it in tls.Config to configure your TLS connections. Given a valid certificate chain, Go will automatically validate server TLS certificates. If you want client cert validation, you have to enable it ( https://golang.org/src/crypto/tls/common.go?s=8208:8231#L227) Is that what you were looking for? On Tue, Apr 30, 2019 at 12:53 PM Vasiliy Tolstov <v.tols...@selfip.ru> wrote: > вт, 30 апр. 2019 г. в 16:23, <buc...@gmail.com>: > > > > > > If I'm understanding your question correctly, this Youtube video from > the 2018 Gophercon should help: > https://www.youtube.com/watch?v=kxKLYDLzuHA > > > > Thanks, i'm already saw this. My question about ability to get trust > root self signed CA cert, and trust all intermediate cert from it. > Also trust all client certs from it intermediates. > > -- > Vasiliy Tolstov, > e-mail: v.tols...@selfip.ru > > -- > You received this message because you are subscribed to the Google Groups > "golang-nuts" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to golang-nuts+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
