How to Validate SSL Certificates in Go

How to Validate SSL Certificates in Go

In this (Go) Golang tutorial, you'll learn how to validate SSL certificates in Go

Recently, I came across a SaaS product that validates SSL certificates for your website. I wanted to try writing the same thing in Go – and it turns out that it's pretty straightforward (just 17 lines of code).

You will need to perform three major checks on your website.

  1. First, check to see whether your site has an SSL certificate or not. You'll also need to know if your website is using a self-signed SSL certificate which is not considered a valid certificate (it needs to be signed by a certificate authority).
  2. Second, to see if the SSL certificate has the correct hostname.
  3. And third, you need to know the expiration date of the server certificate.

Prerequisites:

  • You should have go setup on your computer.

Step 1: Check if your website has an SSL certificate

First, we will try to check if the website has an SSL certificate or not.

To do this we need to establish a TLS connection with the website. If that succeeds it means the website has a valid TLS certificate.

To establish a TLS connection we can use the Go crypto/tls package. We'll use the Dial method to connect to the website, like this:

package main

import (
    "crypto/tls"
)

func main() {
    conn, err := tls.Dial("tcp", "example.com:80", nil)
    if err != nil {
        panic("Server doesn't support SSL certificate err: " + err.Error())
    }
}

main.go

We will try to run our test on example.com. When you run the above code, you should get the following error:

$ go run main.go
panic: Server doesn't support SSL certificate err: tls: first record does not look like a TLS handshake

goroutine 1 [running]:
main.main()
        /Users/umesh/personal/spike/main.go:99 +0x2ca
exit status 2

output in the terminal

Basically it tried to establish the connection but failed. The Dial method succeeds only when the website has a valid certificate (it will fail if the certificate is self-signed).

Now try the same code on a website that has SSL enabled. I am using my own website's URL as an example:

package main

import (
    "crypto/tls"
)

func main() {
    conn, err := tls.Dial("tcp", "blog.umesh.wtf:443", nil)
    if err != nil {
        panic("Server doesn't support SSL certificate err: " + err.Error())
    }
}

main.go

This time, we should be able to successfully establish the connection without the code panic.

In production you should not use panic, but rather should handle the error gracefully.

Step 2: Check whether the SSL certificate and website hostname match

To verify the hostname we will need to call VerifyHostname on the conn return by Dial. This method tries to match the common name or subject alt name specified in the certificate with the domain passed as a parameter.

package main

import (
    "crypto/tls"
)

func main() {
    conn, err := tls.Dial("tcp", "blog.umesh.wtf:443", nil)
    if err != nil {
        panic("Server doesn't support SSL certificate err: " + err.Error())
    }

    err = conn.VerifyHostname("blog.umesh.wtf")
    if err != nil {
        panic("Hostname doesn't match with certificate: " + err.Error())
    }
}

main.go

This will successfully execute without any error as the certificate's common name and hostname are the same.

go golang programming developer web-development

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Golang Web Development:Th Best Programming Language in 2020

Golang Web Development is the new trend globally. Get all the details about the Golang development here. Hire Golang Developers.

Golang Tutorial: Learn Go Programming Language for Beginners

An Introduction to the basics of Go programming language. I will try to introduce some of the basic concepts of Go: Variables and Constants; Loops and Conditional Statements; Functions; Structs, arrays, slices, and maps; ...

4 Useful Go Tools That Every Web Developer Should Know

We’ll look at 4 of the most useful tools that provide a better development experience when coding in Go: go vet; gofmt; GoDoc; go get

Why Web Development is Important for your Business

With the rapid development in technology, the old ways to do business have changed completely. A lot more advanced and developed ways are ...

Important Reasons to Hire a Professional Web Development Company

    You name the business and I will tell you how web development can help you promote your business. If it is a startup or you seeking some...