Golang crypto/tls.Config type example

package crypto/tls

A Config structure is used to configure a TLS client or server. After one has been passed to a TLS function it must not be modified. A Config may be reused; the tls package will also not modify it.

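For this example to work, you first need a certificate (PEM) file and a private key file. On Linux/Unix machines, you can generate a self-signed pair with openssl. The -nodes option writes the private key to disk unencrypted, so treat the resulting files as test material only: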

openssl req -new -nodes -x509 -out server.pem -keyout server.key -days 365

Golang crypto/tls.Config type usage example

 package main

 import (
 "fmt"
 "os"
 "crypto/tls"
 "crypto/rand"
 "time"
 )

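 // main loads the server.pem/server.key pair from the working directory,
 // builds a tls.Config around it and prints each field of the Config.
 // It only inspects the Config; no listener or connection is created.
 func main() {
 	certificate, err := tls.LoadX509KeyPair("server.pem", "server.key")
 	if err != nil {
 		// Report the failure on stderr so it is not mixed with the dump below.
 		fmt.Fprintln(os.Stderr, err)
 		os.Exit(1)
 	}

 	// For ClientAuth : tls.RequireAnyClientCert. See http://golang.org/pkg/crypto/tls/#ClientAuthType
 	// NOTE(review): RequireAnyClientCert only requires that the client sends a
 	// certificate; the certificate is not verified. To authenticate clients,
 	// use tls.RequireAndVerifyClientCert together with a populated ClientCAs pool.
 	config := tls.Config{
 		Certificates: []tls.Certificate{certificate},
 		ClientAuth:   tls.RequireAnyClientCert,
 	}

 	config.Rand = rand.Reader
 	// Print the type only; formatting the reader with %x dumps its internals.
 	fmt.Printf("Config.Rand : %T\n", config.Rand)

 	config.Time = time.Now
 	// Call the function: printing the func value itself only shows an address.
 	fmt.Println("Config.Time : ", config.Time())

 	for i := range config.Certificates {
 		// Certificate holds the chain as raw DER blobs. Walk it with its own
 		// index: reusing i would read the wrong element, or panic once i
 		// reaches the chain length. Hex keeps the binary DER printable.
 		for j, der := range config.Certificates[i].Certificate {
 			fmt.Printf("Config.Certificate %d[%d] : %x\n", i, j, der)
 		}
 	}

 	// NOTE(review): BuildNameToCertificate and NameToCertificate are marked
 	// deprecated in current Go releases; the call is kept because the example
 	// prints the resulting map.
 	config.BuildNameToCertificate()

 	fmt.Printf("Config.NameToCertificate :%v\n", config.NameToCertificate)

 	fmt.Printf("Config.RootCAs :%v\n", config.RootCAs)

 	// Print the values themselves; the address of a slice element is not
 	// meaningful output and does not match the %s verb.
 	for n, proto := range config.NextProtos {
 		fmt.Printf("Config.NextProto %d : %s\n", n, proto)
 	}

 	fmt.Printf("Config.ServerName :%s\n", config.ServerName)

 	fmt.Printf("Config.ClientAuth :%v\n", config.ClientAuth)

 	fmt.Printf("Config.ClientCA : %v\n", config.ClientCAs)

 	// Must stay false outside of tests: true disables verification of the
 	// peer's certificate chain and host name.
 	fmt.Printf("Config.InsecureSkipVerify : %v\n", config.InsecureSkipVerify)

 	// Cipher suites are 16-bit identifiers, so show them as hex numbers.
 	for s, suite := range config.CipherSuites {
 		fmt.Printf("Config.CipherSuite %d : 0x%04x\n", s, suite)
 	}

 	fmt.Printf("Config.PreferServerCipherSuites : %v\n", config.PreferServerCipherSuites)

 	fmt.Printf("Config.SessionTicketsDisabled : %v\n", config.SessionTicketsDisabled)

 	// The ticket key is secret key material, so report only whether it has
 	// been set instead of writing its bytes to the output.
 	fmt.Printf("Config.SessionTicketKey set : %v\n", config.SessionTicketKey != [32]byte{})

 	fmt.Printf("Config.ClientSessionCache : %v\n", config.ClientSessionCache)

 	// 0 means "use the package default", which depends on the Go release.
 	// A real deployment should set MinVersion explicitly (e.g. tls.VersionTLS12).
 	fmt.Printf("Config.MinVersion : %v\n", config.MinVersion)

 	fmt.Printf("Config.MaxVersion : %v\n", config.MaxVersion)

 	for p, curve := range config.CurvePreferences {
 		fmt.Printf("Config.CurvePreferences %d : %v\n", p, curve)
 	}
 }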

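Running the code above with the following sample files (a throwaway test key pair; because the private key is published here, it must not be reused anywhere else)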

server.key

-----BEGIN RSA PRIVATE KEY-----

MIICXAIBAAKBgQC/9ISW79KqSBlRyLDhtB5xqRkkfgay7cDQNDI8znzE1jACIY5o

oLw2OjtH3vm3oOFWuS305SBj7OtVvYZ1E30WpiLXVTSNQb2UWnUQJT6HhFumsUKq

w69mxRkVSrbtJTTUXdBB/qE3oPLYKex/O+GsSnPEM3PWxHjx7eDro6f0IQIDAQAB

AoGAZXKJEGw23h+0ofB66w4SeOdxjkO8rpvQpziuxEwszKqWPMoXRVyNm+syoU1K

lK3F6dt8Wk0tzSHNTkcX5JAkLwW5HVEhz6qiMVb1HC+WMdGYt0mqr5baVvob1Td5

vg5CYdVqUXiF0YEWGAJRxgXhSk9WH6zQeYPODOB5nZGMTzECQQDktXFZG3yc/Xer

lnSe1HQAMl2zSNoaywJzTzC612P4+LuAamHdS6AlBQZnwjuOeTU5XmvHePKatmOL

R33Dv8lnAkEA1txU9++M5n0HtpjuGAg0/CUy3DLOblcHqSGds2NS1UCerP/ixSCn

9a3VXL7LYaspVjPGUkH6GRa4u4p0U255NwJAcYBKPDqT4SU5GoKUZa5x0xcrwSnK

c7mEAc2vFUqHZquqAdTJtJUvaK/RufR+sfodG9dsDZZMb9NMG3bjRx4KyQJALiko

GBxfKSWzgodYn9EjkQhs5OIFd6869htCxkeQhEBd1s0i6zcY3q96J3LWPyWGu/5j

nUiPctRu29vjIgmaAQJBAOJ3bESiIo0jUyhkbZSpo0n9YDy3NeoQ4Q2JpY+u09c1

Wgd99C5jQO43eRl5oSSNYaAsqVzs0g+lfpkCCvz4KZQ=

-----END RSA PRIVATE KEY-----

and

server.pem

-----BEGIN CERTIFICATE-----

MIID2jCCA0OgAwIBAgIJAMLkh9CatzCMMA0GCSqGSIb3DQEBBQUAMIGlMQswCQYD

VQQGEwJBVTEYMBYGA1UECBMPU291dGggQXVzdHJhbGlhMREwDwYDVQQHEwhBZGVs

YWlkZTEdMBsGA1UEChMUQXdlc29tZSBJbnRlcm5ldCBJbmMxEDAOBgNVBAsTB0lU

IERlcHQxFDASBgNVBAMTC2F3ZXNvbWUuY29tMSIwIAYJKoZIhvcNAQkBFhNhd2Vz

b21lQGF3ZXNvbWUuY29tMB4XDTE0MDgwNTAyMDk0NloXDTE1MDgwNTAyMDk0Nlow

gaUxCzAJBgNVBAYTAkFVMRgwFgYDVQQIEw9Tb3V0aCBBdXN0cmFsaWExETAPBgNV

BAcTCEFkZWxhaWRlMR0wGwYDVQQKExRBd2Vzb21lIEludGVybmV0IEluYzEQMA4G

A1UECxMHSVQgRGVwdDEUMBIGA1UEAxMLYXdlc29tZS5jb20xIjAgBgkqhkiG9w0B

CQEWE2F3ZXNvbWVAYXdlc29tZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ

AoGBAL/0hJbv0qpIGVHIsOG0HnGpGSR+BrLtwNA0MjzOfMTWMAIhjmigvDY6O0fe

+beg4Va5LfTlIGPs61W9hnUTfRamItdVNI1BvZRadRAlPoeEW6axQqrDr2bFGRVK

tu0lNNRd0EH+oTeg8tgp7H874axKc8Qzc9bEePHt4Oujp/QhAgMBAAGjggEOMIIB

CjAdBgNVHQ4EFgQUQynaYrmZjtDj0porRVpjvYrM4JwwgdoGA1UdIwSB0jCBz4AU

QynaYrmZjtDj0porRVpjvYrM4JyhgaukgagwgaUxCzAJBgNVBAYTAkFVMRgwFgYD

VQQIEw9Tb3V0aCBBdXN0cmFsaWExETAPBgNVBAcTCEFkZWxhaWRlMR0wGwYDVQQK

ExRBd2Vzb21lIEludGVybmV0IEluYzEQMA4GA1UECxMHSVQgRGVwdDEUMBIGA1UE

AxMLYXdlc29tZS5jb20xIjAgBgkqhkiG9w0BCQEWE2F3ZXNvbWVAYXdlc29tZS5j

b22CCQDC5IfQmrcwjDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACv4

wpJQxR42uAANUVogoFMuDLvPIyoAwCBZ7R7pqT+NxkoP0ou+OTf52267zv3HBIof

qgae4X7tDmgUO08vrlzi0QPq22sD1fUwmZwWduY2EeODjsd9siszSyL3TKb1liuo

r9LmRQJntYK7JI1+vn4MDV0vrcUFgtlWxqQCbHl0

-----END CERTIFICATE-----

Will produce the following result :

Config.Rand : &{2f6465762f7572616e646f6d ?reflect.Value? {0 0}}

Config.Time : 0x5f390 0��1ig.C*�H��icate 0 : 0��0�C� ���0�0

0 UAU10South Australia10Adelaide10U Awesome Internet Inc10U

IT Dept10U 150805020946Z0��1wesome.com0 awesome.com1"0 *�H��

Config.NameToCertificate :map[awesome.com:0xc2080184b0]

Config.RootCAs :0

Config.ServerName :

Config.ClientAuth :2

Config.ClientCA : Config.InsecureSkipVerify : false

Config.PreferServerCipherSuites : false

Config.SessionTicketsDisabled : false Config.SessionTicketKey : [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0]

Config.ClientSessionCache :

Config.MinVersion : 0 Config.MaxVersion : 0

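Note : The output above is generated from dummy test data. Your result may be different. The unreadable characters in it are the raw DER bytes of the certificate, which the program prints with %s.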

Reference :

http://golang.org/pkg/crypto/tls/#Config
