You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I want to check that server's TLS configuration works. Server's TLS configuration uses GetCertificate
What did you expect to see?
That once I call StartTLS is called, GetCertificate is called to obtain the certificate to configure the testing server and testing client.
What did you see instead?
StartTLS ignores and never calls GetCertificate but instead configures testing server and testing client to use testing certificate.
Discussion
I can call something like:
cert, _:=ts.TLS.GetCertificate(nil) // or some other relevant ClientHelloInfo for 127.0.0.1ts.TLS.Certificates= []tls.Certificate{*cert}
before calling StartTLS. But ideally that should be called by StartTLS. This is documented in tls.Config:
// Server configurations must set one of Certificates, GetCertificate or
// GetConfigForClient.
Currently only Certificates is checked, but GetCertificate or GetConfigForClient are ignored.
My motivation is to do a test with golang.org/x/crypto/acme/autocert serving as manager against Pebble to test that http.Server's configuration and everything works correctly.
The text was updated successfully, but these errors were encountered:
I thnk GetCertificate should be called with 127.0.0.1 (or more precisely s.Listener.Addr()) as a parameter. That is what it gets set in s.URL. That can then be stored in s.certificate.
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
I am trying to test a
http.Server
instance with httptest'sServer
:I want to check that server's TLS configuration works. Server's TLS configuration uses
GetCertificate
What did you expect to see?
That once I call
StartTLS
is called,GetCertificate
is called to obtain the certificate to configure the testing server and testing client.What did you see instead?
StartTLS
ignores and never callsGetCertificate
but instead configures testing server and testing client to use testing certificate.Discussion
I can call something like:
before calling
StartTLS
. But ideally that should be called byStartTLS
. This is documented intls.Config
:Currently only
Certificates
is checked, butGetCertificate
orGetConfigForClient
are ignored.My motivation is to do a test with
golang.org/x/crypto/acme/autocert
serving as manager against Pebble to test thathttp.Server
's configuration and everything works correctly.The text was updated successfully, but these errors were encountered: