Original post

How can I use a PFX certificate file of MSPKI SHA256 to perform a client connection to a server?
Please help on this ASAP

This loads PFX files: https://godoc.org/golang.org/x/crypto/pkcs12

Then you use TLS connections with that as the client certificate; see the many guides on this topic.

If possible, could you please help me with a code snippet of a client connection to a server with a PFX certificate?

I am a newbie to development, so can someone help with the code snippet?

Below is the logic that worked:

    package main

    import (
        "crypto/tls"
        "crypto/x509"
        "encoding/pem"
        "io/ioutil"
        "log"
        "net/http"

        "golang.org/x/crypto/pkcs12"
    )

    func main() {
        // Trusted cert: the root CA used to verify the server
        caCert, err := ioutil.ReadFile("/<path>/rootCA.pem")
        if err != nil {
            log.Fatal(err)
        }
        certPool := x509.NewCertPool()
        if !certPool.AppendCertsFromPEM(caCert) {
            log.Fatal("no certificates found in rootCA.pem")
        }

        // Client certificate decode: convert the PFX bags to PEM blocks
        pfx, err := ioutil.ReadFile("/<path>/<certificate_name>.pfx")
        if err != nil {
            log.Fatal(err)
        }
        blocks, err := pkcs12.ToPEM(pfx, "Password")
        if err != nil {
            panic(err)
        }

        var pemData []byte
        for _, b := range blocks {
            pemData = append(pemData, pem.EncodeToMemory(b)...)
        }

        // Then use the PEM data to construct the TLS certificate
        cert, err := tls.X509KeyPair(pemData, pemData)
        if err != nil {
            panic(err)
        }

        // Client connection
        client := &http.Client{
            Transport: &http.Transport{
                TLSClientConfig: &tls.Config{
                    RootCAs:       certPool,
                    ServerName:    "<authorized server name>",
                    Certificates:  []tls.Certificate{cert},
                    Renegotiation: tls.RenegotiateFreelyAsClient,
                },
            },
        }
        _ = client // issue requests with client.Get, client.Do, ...
    }
