Golang从哪里获取根CA? [英] Where is Golang picking up root CAs from?
本文介绍了Golang从哪里获取根CA?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
crypto/tls.Config.RootCAs
状态
// RootCAs defines the set of root certificate authorities
// that clients use when verifying server certificates.
// If RootCAs is nil, TLS uses the host's root CA set.
在Linux上,是从哪里获得主机的根CA集"的?我需要知道这一点,以便能够全局添加另一个要信任的根CA.
On Linux, where are "the host's root CA set" picked up from? I need to know this to be able to globally add another root CA to trust.
推荐答案
It searches through the following locations: https://golang.org/src/crypto/x509/root_linux.go
摘录
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package x509
// Possible certificate files; stop after finding one.
var certFiles = []string{
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
"/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 6
"/etc/ssl/ca-bundle.pem", // OpenSUSE
"/etc/pki/tls/cacert.pem", // OpenELEC
"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", // CentOS/RHEL 7
"/etc/ssl/cert.pem", // Alpine Linux
}
这篇关于Golang从哪里获取根CA?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文