tls-certificates

This is a demo application to support this blog post. It demonstrates how to apply mTLS configuration on client and the server in Go.

project structure

.
├── 00-certificates           # holds all the certificates used for demonstration
│   ├── client                # client certificate and private key
│   │   ├── cert.pem
│   │   └── key.pem
│   ├── minica-key.pem        # self-signed root certificate  
│   ├── minica.pem            # private key for root certificate
│   └── server                # server certificate and private key
│       ├── cert.pem
│       └── key.pem
├── 01-http-server            # simple http server
│   └── client
├── 02-https-server           # secured server
│   └── server
└── 03-https-server-mtls      # secured server and client
    └── server

certificates generated using minica

find more details about using minica here

generating certificates

generate certificates for testing using below commands:

minica --domains server-cert    # this will generate certificate for a domain "server-cert"
minica --domains client-cert    # this will generate certificate for a domain "client-cert"

configurations on your machine

add below host-names to your local machine. For example on linux, update the /etc/hosts file with below entries.

127.0.0.1       server-cert
127.0.0.1       client-cert

this will create an alias for loopback address.

checkout the working examples here

• 01-http-server
• 02-https-server
• 03-https-client
• 04-https-server-mtls