Cloudflare Developers•6mo ago

Client Certificate gets blocked

I am trying to setup a client certificate for my golang application so my golang application can connect to my cloudflare protected API endpoint. I also set up a mtls rule that blocks access if this certificate is not verified from the client. I am not sure why I'm still encountering 403 status codes. Anyone have a suggestion?

func main() {
    certs, _ := tls.LoadX509KeyPair("certificate.pem", "key.pem")
    rcert, _ := os.ReadFile("rootcert.pem")
    rpool := x509.NewCertPool()
    rpool.AppendCertsFromPEM(rcert)
    tlsConfig := &tls.Config{
        Certificates:       []tls.Certificate{certs},
        RootCAs:            rpool,
        InsecureSkipVerify: true,
    }
    tr := &http.Transport{
        TLSClientConfig: tlsConfig,
    }
    client := &http.Client{
        Transport: tr,
    }
    request, _ := http.NewRequest("GET", "https://api.mydomain.com/", nil)
    response, err := client.Do(request)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("status code:", response.StatusCode)
    // code to handle the response removed from code snippet
}

func main() {
    certs, _ := tls.LoadX509KeyPair("certificate.pem", "key.pem")
    rcert, _ := os.ReadFile("rootcert.pem")
    rpool := x509.NewCertPool()
    rpool.AppendCertsFromPEM(rcert)
    tlsConfig := &tls.Config{
        Certificates:       []tls.Certificate{certs},
        RootCAs:            rpool,
        InsecureSkipVerify: true,
    }
    tr := &http.Transport{
        TLSClientConfig: tlsConfig,
    }
    client := &http.Client{
        Transport: tr,
    }
    request, _ := http.NewRequest("GET", "https://api.mydomain.com/", nil)
    response, err := client.Do(request)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("status code:", response.StatusCode)
    // code to handle the response removed from code snippet
}

2 Replies

Moccachino•6mo ago

Hi @kcinnay, i think your issue is similar to mine. take a look, i was able to solve my problem with the linked tutorial: https://discord.com/channels/595317990191398933/1186310941617422438

kcinnay•6mo ago

Thanks! I will look into it!

Gaming

Programming

Client Certificate gets blocked