crypto/tls: renewing MTLS Certificates in TLS.Conn Connections before remote error: tls: bad certificate error is thrown
#48817
Labels: FrozenDueToAge, NeedsInvestigation
What version of Go are you using (go version)?
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (go env)?
What did you do?
Creating tls.Conn connections using short-lived certificates with Client Authentication.
Client Config:
Server Config:
What did you expect to see?
No errors thrown once the certificate expires, and the existing connections allowed to continue functioning.
What did you see instead?
For a few minutes, everything works fine and it's possible to read and write data exactly as expected. Then, as soon as the short-lived x509 certificate expires, the client TLS.Conn connections throw a remote error: tls: bad certificate error.
If that's expected behaviour, is it possible to replace the certificates in the connection somehow? For our use case, we would rather not have to re-create the connections if possible.
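Added example, not part of the original issue and not Go project code: one way to make new handshakes present a renewed client certificate without rebuilding the tls.Config, using the tls.Config.GetClientCertificate callback that crypto/tls calls during a handshake. rotatingCert and selfSigned are hypothetical helpers and the certificates are constructed samples; storing a new certificate does not alter connections that are already established.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"sync/atomic"
	"time"
)

// rotatingCert (hypothetical helper) stores the current *tls.Certificate via Store.
type rotatingCert struct{ atomic.Value }

// Get has the tls.Config.GetClientCertificate signature; an error aborts the handshake.
func (r *rotatingCert) Get(*tls.CertificateRequestInfo) (*tls.Certificate, error) {
	c, _ := r.Load().(*tls.Certificate)
	if c == nil || c.Leaf == nil || time.Now().After(c.Leaf.NotAfter) {
		return nil, fmt.Errorf("no unexpired client certificate loaded")
	}
	return c, nil
}

// selfSigned builds a constructed sample certificate that expires after ttl.
func selfSigned(serial int64, ttl time.Duration) (*tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial),
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(ttl)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	leaf, err := x509.ParseCertificate(der)
	return &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, err
}

func main() {
	r := &rotatingCert{}
	cfg := &tls.Config{MinVersion: tls.VersionTLS12, GetClientCertificate: r.Get}
	fresh, err := selfSigned(2, 5*time.Minute)
	r.Store(fresh) // renewal step: cfg is reused, later handshakes present this cert
	_, gerr := cfg.GetClientCertificate(nil)
	fmt.Println("generate:", err, "select:", gerr)
}
```

Refusing an expired certificate inside the callback surfaces the problem as a local handshake error on the client rather than as the peer's bad certificate alert.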