How can I use a PFX certificate file of MSPKI SHA256 to perform a client connection to a server?
Please help on this ASAP.
This loads PFX files: https://godoc.org/golang.org/x/crypto/pkcs12
Then you use TLS connections with that as the client certificate, see many guides on this topic.
If possible, could you please help me with a code snippet of a client connection to a server with a PFX certificate?
I am a newbie to development, so can someone help with the code snippet?
Below is the logic that worked:

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"io/ioutil"
	"log"
	"net/http"

	"golang.org/x/crypto/pkcs12"
)

func main() {
	// Trusted CA certificate used to verify the server
	caCert, err := ioutil.ReadFile("/<path>/rootCA.pem")
	if err != nil {
		log.Fatal(err)
	}
	certPool := x509.NewCertPool()
	if !certPool.AppendCertsFromPEM(caCert) {
		log.Fatal("no CA certificates found in rootCA.pem")
	}

	// Decode the client certificate and private key from the PFX file
	pfx, err := ioutil.ReadFile("/<path>/<certificate_name>.pfx")
	if err != nil {
		log.Fatal(err)
	}
	blocks, err := pkcs12.ToPEM(pfx, "Password")
	if err != nil {
		panic(err)
	}
	var pemData []byte
	for _, b := range blocks {
		pemData = append(pemData, pem.EncodeToMemory(b)...)
	}

	// Then use the PEM data to construct the TLS client certificate
	cert, err := tls.X509KeyPair(pemData, pemData)
	if err != nil {
		panic(err)
	}

	// Client connection
	client := &http.Client{
		Transport: &http.Transport{
			TLSClientConfig: &tls.Config{
				RootCAs:       certPool,
				ServerName:    "<authorized server name>",
				Certificates:  []tls.Certificate{cert},
				Renegotiation: tls.RenegotiateFreelyAsClient,
			},
		},
	}
	_ = client // make requests with client.Get or client.Do
}
```
1 Like
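Added example, not part of the original thread: `tls.X509KeyPair` treats the first CERTIFICATE block as the client certificate and rejects the pair when the private key does not match it, which happens when a PFX stores CA chain certificates ahead of the client's. The sketch below goes slightly beyond the post by trying each certificate as the leaf; `keyPairLeafFirst` and `selfSigned` are hypothetical names, the input is constructed in place of real `pkcs12.ToPEM` output, and one private key per PFX is assumed.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
)

// keyPairLeafFirst builds a tls.Certificate from pkcs12.ToPEM-style blocks in any bag order.
func keyPairLeafFirst(blocks []*pem.Block) (tls.Certificate, error) {
	var keyPEM []byte
	var certs [][]byte
	for _, b := range blocks {
		if b.Type == "PRIVATE KEY" {
			keyPEM = pem.EncodeToMemory(b)
		} else if b.Type == "CERTIFICATE" {
			certs = append(certs, pem.EncodeToMemory(b))
		}
	}
	for i := range certs { // try each certificate as the leaf; only the key's own one is accepted
		ordered := append(append([][]byte{certs[i]}, certs[:i]...), certs[i+1:]...)
		if kp, err := tls.X509KeyPair(bytes.Join(ordered, nil), keyPEM); err == nil {
			return kp, nil
		}
	}
	return tls.Certificate{}, fmt.Errorf("none of %d certificates matches the private key", len(certs))
}

// selfSigned returns a constructed throwaway certificate and EC key in DER (sample input only).
func selfSigned() (certDER, keyDER []byte) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1)}
	certDER, _ = x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	keyDER, _ = x509.MarshalECPrivateKey(key)
	return certDER, keyDER
}

func main() {
	caDER, _ := selfSigned() // stands in for a CA certificate stored ahead of the client's
	leafDER, keyDER := selfSigned()
	blocks := []*pem.Block{{Type: "CERTIFICATE", Bytes: caDER}, {Type: "PRIVATE KEY", Bytes: keyDER}, {Type: "CERTIFICATE", Bytes: leafDER}}
	kp, err := keyPairLeafFirst(blocks)
	fmt.Println(len(kp.Certificate), err)
}
```

The returned value drops into `Certificates: []tls.Certificate{...}` in the client configuration in place of the result of `tls.X509KeyPair(pemData, pemData)`.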