tls.go
762 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
package client
import (
_ "crypto/sha512"
"crypto/tls"
"crypto/x509"
"encoding/pem"
"fmt"
"ngrok/client/assets"
)
func LoadTLSConfig(rootCertPaths []string) (*tls.Config, error) {
pool := x509.NewCertPool()
for _, certPath := range rootCertPaths {
rootCrt, err := assets.Asset(certPath)
if err != nil {
return nil, err
}
pemBlock, _ := pem.Decode(rootCrt)
if pemBlock == nil {
return nil, fmt.Errorf("Bad PEM data")
}
certs, err := x509.ParseCertificates(pemBlock.Bytes)
if err != nil {
return nil, err
}
pool.AddCert(certs[0])
}
//https://github.com/golang/go/issues/9364
//log.Info("MinVersion:", tls.VersionSSL30)
return &tls.Config{RootCAs: pool, MinVersion: tls.VersionSSL30, InsecureSkipVerify: true}, nil
}