Finding Root CAs in Go on Linux
Go's crypto/tls.Config.RootCAs can be set to define a custom set of root certificate authorities (CAs) that a client uses when verifying server certificates. If left nil, Go defaults to using the "host's root CA set."
On Linux, the host's root CA set is gathered from several potential locations:
/etc/ssl/certs/ca-certificates.crt
/etc/pki/tls/certs/ca-bundle.crt
/etc/ssl/ca-bundle.pem
/etc/pki/tls/cacert.pem
/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
/etc/ssl/cert.pem
Once a certificate file is found, the search stops. This allows system administrators to configure which root CAs are trusted by modifying these files.
To globally add another root CA to trust, find and edit one of these files. Append the new root CA certificate in PEM format to the end of the file. Ensure that the file is in a format that is compatible with your Linux distribution.
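The check below is an added example, not code from the original article or from the Go project: it walks the paths listed above in order, stops at the first readable file, and reports which certificates in that bundle parse and how many PEM blocks are rejected, which is useful after appending a CA by hand. The helper names firstBundle and inspect are hypothetical; the program mirrors the search order described here rather than calling Go's internal loader.

```go
package main

import (
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"os"
)

// Candidate bundle paths, in the order listed in the article.
var candidates = []string{
	"/etc/ssl/certs/ca-certificates.crt",
	"/etc/pki/tls/certs/ca-bundle.crt",
	"/etc/ssl/ca-bundle.pem",
	"/etc/pki/tls/cacert.pem",
	"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem",
	"/etc/ssl/cert.pem",
}

// firstBundle (hypothetical helper) returns the first readable path and its contents.
func firstBundle(paths []string) (string, []byte, error) {
	for _, p := range paths {
		if data, err := os.ReadFile(p); err == nil {
			return p, data, nil // the search stops at the first file found
		}
	}
	return "", nil, fmt.Errorf("no CA bundle found in %d candidate paths", len(paths))
}

// inspect (hypothetical helper) lists certificate subjects and counts blocks that are not valid certificates.
func inspect(data []byte) (subjects []string, rejected int) {
	for block, rest := pem.Decode(data); block != nil; block, rest = pem.Decode(rest) {
		cert, err := x509.ParseCertificate(block.Bytes)
		if block.Type != "CERTIFICATE" || err != nil {
			rejected++ // wrong block type or invalid DER, e.g. a badly pasted CA
			continue
		}
		subjects = append(subjects, cert.Subject.String())
	}
	return subjects, rejected
}

func main() {
	path, data, err := firstBundle(candidates)
	subjects, rejected := inspect(data) // empty result when no bundle was found
	fmt.Printf("bundle=%q certs=%d rejected=%d err=%v\n", path, len(subjects), rejected, err)
}
```

A non-zero rejected count after editing the bundle means the appended block will not be trusted, even though the file still loads.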