package xcrypto
import (
"crypto/tls"
"crypto/x509"
"errors"
"net"
"strings"
"time"
)
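// Sentinel errors returned by GetCertificate. Compare with errors.Is.
var (
	// ErrInvalidParam is returned when addr is empty after trimming
	// whitespace and the optional "https://" prefix.
	ErrInvalidParam = errors.New("invalid parameter")
	// ErrInvalidCert is returned when the TLS handshake completes but the
	// peer presented no certificate.
	ErrInvalidCert = errors.New("invalid certificate")
)

// GetCertificate dials addr over TLS and returns the leaf certificate the
// peer presented (the first entry of PeerCertificates).
//
// addr may be a bare host ("example.com"), a host:port pair
// ("example.com:8443", "[::1]:8443"), or either form prefixed with
// "https://". Port 443 is used only when addr carries no port of its own.
//
// timeout is applied to the dialer, so it bounds the TCP connect and the TLS
// handshake together. A value <= 0 sets no timeout: the call can then block
// for as long as the peer or the operating system allows, so callers probing
// hosts they do not control should always pass a positive timeout.
//
// When tlsConf is nil a zero tls.Config is used, which keeps chain and
// hostname verification enabled; an untrusted, expired or mismatched
// certificate therefore yields the handshake error, not a certificate. A
// caller that sets InsecureSkipVerify in order to inspect such certificates
// receives a certificate that has NOT been authenticated: treat it as
// inspection data only and never base a trust decision on it.
func GetCertificate(network, addr string, timeout time.Duration, tlsConf *tls.Config) (*x509.Certificate, error) {
	// Strip the scheme before looking at the port so that the port check
	// operates on the host[:port] part only.
	addr = strings.TrimPrefix(strings.TrimSpace(addr), "https://")
	if addr == "" {
		return nil, ErrInvalidParam
	}

	// Default to 443 only when no port is present. Checking for a literal
	// ":443" suffix would turn "host:8443" into the undialable
	// "host:8443:443" and would mishandle IPv6 literals.
	if _, _, err := net.SplitHostPort(addr); err != nil {
		// JoinHostPort adds brackets around IPv6 literals itself, so drop
		// any the caller supplied ("[::1]") to avoid doubling them.
		host := strings.TrimSuffix(strings.TrimPrefix(addr, "["), "]")
		addr = net.JoinHostPort(host, "443")
	}

	dialer := new(net.Dialer)
	if timeout > 0 {
		dialer.Timeout = timeout
	}
	if tlsConf == nil {
		// Zero config: system roots, hostname verification on.
		tlsConf = new(tls.Config)
	}

	conn, err := tls.DialWithDialer(dialer, network, addr, tlsConf)
	if err != nil {
		return nil, err
	}
	defer func() {
		// Nothing was written on this connection; a close error carries no
		// information the caller could act on.
		_ = conn.Close()
	}()

	certs := conn.ConnectionState().PeerCertificates
	if len(certs) == 0 {
		return nil, ErrInvalidCert
	}
	return certs[0], nil
}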