0

I am using golang go-gin server for hosting an application. Both the front-end and back-end work over https and both are separate projects. The front-end makes ajax calls to the back-end which is rest API based. If I clear the browser cache (Google Chrome) and try to load the UI it does not communicate with the back-end API initially. Then in another tab I hit the base url (https://localhost:8080/) accept the certificate and then it works. Is there any way to avoid this? I want the front end should auto accept the certificate and not complain about it.

I159
  • 29,741
  • 31
  • 97
  • 132
codec
  • 7,978
  • 26
  • 71
  • 127
  • If you're using a self-signed cert, you must to install it in your browser/system and in any other computer to prevent that warning, there's not other way if you what to use it with ajax. Also, it looks that you're developing in this moment, so, you can use a simple http for that propose. If you're connecting directly both golang servers without a browser, you can disable the tls validation with http.Transport. – Motakjuq Nov 29 '16 at 05:24
  • There is a good answer http://stackoverflow.com/questions/12122159/golang-how-to-do-a-https-request-with-bad-certificate – I159 Nov 29 '16 at 10:02

1 Answers1

0

In tls.Config you can find the Certificates attribute, which could be helpful in your situation:

Certificates contains one or more certificate chains to present to the other side of the connection. Server configurations must include at least one certificate or else set GetCertificate.

Then you can use your custom tls.Config to obtain a http.Transport for your purposes

tr := &http.Transport{
    TLSClientConfig: &tls.Config{...custom config attrs...},
}
I159
  • 29,741
  • 31
  • 97
  • 132