2 replies

Client Certificate gets blocked

I am trying to setup a client certificate for my golang application so my golang application can connect to my cloudflare protected API endpoint. I also set up a mtls rule that blocks access if this certificate is not verified from the client. I am not sure why I'm still encountering 403 status codes. Anyone have a suggestion?

func main() {
    certs, _ := tls.LoadX509KeyPair("certificate.pem", "key.pem")
    rcert, _ := os.ReadFile("rootcert.pem")
    rpool := x509.NewCertPool()
    rpool.AppendCertsFromPEM(rcert)
    tlsConfig := &tls.Config{
        Certificates:       []tls.Certificate{certs},
        RootCAs:            rpool,
        InsecureSkipVerify: true,
    }
    tr := &http.Transport{
        TLSClientConfig: tlsConfig,
    }
    client := &http.Client{
        Transport: tr,
    }
    request, _ := http.NewRequest("GET", "https://api.mydomain.com/", nil)
    response, err := client.Do(request)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("status code:", response.StatusCode)
    // code to handle the response removed from code snippet
}

func main() {
    certs, _ := tls.LoadX509KeyPair("certificate.pem", "key.pem")
    rcert, _ := os.ReadFile("rootcert.pem")
    rpool := x509.NewCertPool()
    rpool.AppendCertsFromPEM(rcert)
    tlsConfig := &tls.Config{
        Certificates:       []tls.Certificate{certs},
        RootCAs:            rpool,
        InsecureSkipVerify: true,
    }
    tr := &http.Transport{
        TLSClientConfig: tlsConfig,
    }
    client := &http.Client{
        Transport: tr,
    }
    request, _ := http.NewRequest("GET", "https://api.mydomain.com/", nil)
    response, err := client.Do(request)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("status code:", response.StatusCode)
    // code to handle the response removed from code snippet
}

Cloudflare Developers•3y ago•

2 replies

kcinnay

Client Certificate gets blocked

func main() {
    certs, _ := tls.LoadX509KeyPair("certificate.pem", "key.pem")
    rcert, _ := os.ReadFile("rootcert.pem")
    rpool := x509.NewCertPool()
    rpool.AppendCertsFromPEM(rcert)
    tlsConfig := &tls.Config{
        Certificates:       []tls.Certificate{certs},
        RootCAs:            rpool,
        InsecureSkipVerify: true,
    }
    tr := &http.Transport{
        TLSClientConfig: tlsConfig,
    }
    client := &http.Client{
        Transport: tr,
    }
    request, _ := http.NewRequest("GET", "https://api.mydomain.com/", nil)
    response, err := client.Do(request)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("status code:", response.StatusCode)
    // code to handle the response removed from code snippet
}

func main() {
    certs, _ := tls.LoadX509KeyPair("certificate.pem", "key.pem")
    rcert, _ := os.ReadFile("rootcert.pem")
    rpool := x509.NewCertPool()
    rpool.AppendCertsFromPEM(rcert)
    tlsConfig := &tls.Config{
        Certificates:       []tls.Certificate{certs},
        RootCAs:            rpool,
        InsecureSkipVerify: true,
    }
    tr := &http.Transport{
        TLSClientConfig: tlsConfig,
    }
    client := &http.Client{
        Transport: tr,
    }
    request, _ := http.NewRequest("GET", "https://api.mydomain.com/", nil)
    response, err := client.Do(request)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("status code:", response.StatusCode)
    // code to handle the response removed from code snippet
}

Client Certificate gets blocked

Similar Threads

Client Certificate gets blocked

Similar Threads

Similar Threads

Similar Threads