Golang从哪里获取根CA?

crypto/tls.Config.RootCAs 状态

// RootCAs defines the set of root certificate authorities

// that clients use when verifying server certificates.

// If RootCAs is nil, TLS uses the host's root CA set.

我需要知道这一点,以便能够全局添加另一个要信任的根CA。

回答:

它在以下位置搜索:https :

//golang.org/src/crypto/x509/root_linux.go

摘抄

// Copyright 2015 The Go Authors. All rights reserved.

// Use of this source code is governed by a BSD-style

// license that can be found in the LICENSE file.

package x509

// Possible certificate files; stop after finding one.

var certFiles = []string{

"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.

"/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 6

"/etc/ssl/ca-bundle.pem", // OpenSUSE

"/etc/pki/tls/cacert.pem", // OpenELEC

"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", // CentOS/RHEL 7

"/etc/ssl/cert.pem", // Alpine Linux

}

以上是 Golang从哪里获取根CA? 的全部内容, 来源链接: utcz.com/qa/399295.html

回到顶部