TLS 1.3 RequireAndVerifyClientCert


		pool := x509.NewCertPool()

		config := &tls.Config{
			Certificates:	[]tls.Certificate{cert},
			ClientAuth:	tls.RequireAndVerifyClientCert,
			MinVersion:	tls.VersionTLS13,
			MaxVersion:	tls.VersionTLS13,
			ClientCAs:	pool,


		pool := x509.NewCertPool()

		// Configure TLS connection
		config := &tls.Config{
			Certificates:		[]tls.Certificate{cert},
			InsecureSkipVerify:	false,
			RootCAs:		pool,
			ServerName:		"localhost",


I’m doing:
$ openssl req -x509 -nodes -newkey rsa:2048 -out root.pem -subj "/CN=localhost" -addext "subjectAltName = DNS:localhost"

But I receive:
2023/06/10 11:40:58 tls: failed to verify certificate: x509: certificate is not valid for any names, but wanted to match localhost

2023/06/10 11:32:21 tls: failed to verify certificate: x509: cannot validate cer tificate for because it doesn't contain any IP SANs

How do I perform handshake using CA pool without resulting in these errors? I can’t do it anyway!

Thanks in advance.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.