You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello GO community, does anyone know how it is possible to validate the certificate to avoid sniffers without loading files such as .pem or other files?
since there it is taught that it must be through files or you can even place the certificate as a string, which I also want to avoid since those 2 ways force the programmer to manage the certificate for each api that is going to be made when there are simple methods and automated to do it without having to worry about which certificate in string or as a file to put
For example, in C# you can validate certificates in this way and protect yourself from sniffers or sniffer proxies in the following way
C++ using the cpr library
cpr::VerifySsl verifySsl{ true };
GO using net/http
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: false}
If everyone noticed it, in those languages you can verify and protect yourself from sniffers very easily and without killing your head so much by placing .pem or string files, in those 3 languages and libraries this is verified in 1 single line of code and I love that
but I have been researching and I don't know how to do it in GO following that idea but for imroc/req/v3, I would like it to work specifically for imroc/req/v3
Could someone help me with this or could the creator of the library implement this update to facilitate SSL verification and thus prevent someone from seeing the api with any sniffer proxy or sniffer program?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello GO community, does anyone know how it is possible to validate the certificate to avoid sniffers without loading files such as .pem or other files?
I don't want to do it as indicated in this link
https://req.cool/docs/tutorial/set-cert/
since there it is taught that it must be through files or you can even place the certificate as a string, which I also want to avoid since those 2 ways force the programmer to manage the certificate for each api that is going to be made when there are simple methods and automated to do it without having to worry about which certificate in string or as a file to put
For example, in C# you can validate certificates in this way and protect yourself from sniffers or sniffer proxies in the following way
C#
Req.SslCertificateValidatorCallback = (object obj, X509Certificate cert, X509Chain ssl, SslPolicyErrors error) => (cert as X509Certificate2).Verify();
C++ using the cpr library
cpr::VerifySsl verifySsl{ true };
GO using net/http
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: false}
If everyone noticed it, in those languages you can verify and protect yourself from sniffers very easily and without killing your head so much by placing .pem or string files, in those 3 languages and libraries this is verified in 1 single line of code and I love that
but I have been researching and I don't know how to do it in GO following that idea but for imroc/req/v3, I would like it to work specifically for imroc/req/v3
Could someone help me with this or could the creator of the library implement this update to facilitate SSL verification and thus prevent someone from seeing the api with any sniffer proxy or sniffer program?
Beta Was this translation helpful? Give feedback.
All reactions