所以我试图使用TLS + http basic auth来保护一些REST API(我知道它不是最好的选择,但会从以后开始,也许会转移到OAuth)。这是我做的:
ListenAndServeTLS()而没有额外选项。现在我有一些shell脚本用于使用curl进行测试。我试过了
curl -i --cacert cert.pem https://localhost:8000
并且完全期望看到一些JSON转储,但我得到的是以下错误消息:
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
我做错了吗?如果是这样,我如何为此目的使用curl?