Parenthetically, I'm assuming you are talking about implementing your own VerifyPeerCertificate or VerifyConnection callback as set in your tls.Config
See https://pkg.go.dev/crypto/tls#Config for reference. On Sunday, August 10, 2025 at 11:06:47 PM UTC+1 Jason E. Aten wrote: > Umm, I don't think you want to set InsecureSkipVerify=true. (I think you > need to keep verification on). Otherwise > none of the custom verification callbacks will be called at all, if I'm > recalling correctly. > > TLS and HTTP are pretty separate layers; I use TLS alot without HTTP for > instance. So it shouldn't be > too difficult to customize a web server's response on TLS handshake fail... > > On Tuesday, August 5, 2025 at 10:10:10 PM UTC+1 Daniel Lockhart wrote: > >> Question regarding crypto/tls. Unfortunately, in the name of supporting >> legacy hardware, I need to change the HTTP 400 status code Go returns on a >> TLS verification failure to something else dynamically, based on the >> certificate. >> >> >> https://github.com/golang/go/blob/4ee0df8c466861bcd258ec55b58283f276d3b3d5/src/net/http/server.go#L2070 >> >> Is the only option I have to set InsecureSkipVerify to true and rewrite >> the verification logic within my own TLSConfig.VerifyConnection? >> >> or is there a better way to do this? >> CONFIDENTIALITY NOTICE: This email and any attachments are for the sole >> use of the intended recipient and may contain material that is proprietary, >> confidential, privileged or otherwise legally protected or restricted under >> applicable government laws. Any review, disclosure, distributing or other >> use without expressed permission of the sender is strictly prohibited. If >> you are not the intended recipient, please contact the sender and delete >> all copies without reading, printing, or saving. > > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/golang-nuts/695c1852-8788-487b-a604-b0b472007767n%40googlegroups.com.
