pprof with TLS client authentication

[Daniel Mai]

Does go tool pprof support TLS with client authentication? I see it has TLS options, but when I set them it doesn't work. But, it works if I use the standalone pprof tool.

$ go version

go version go1.14.1 linux/amd64

$ go tool pprof -tls_ca=./ca.crt -tls_cert=./client.user.crt -tls_key=./client.user.key https://localhost:8080/debug/pprof/heap

Fetching profile over HTTP from https://localhost:8080/debug/pprof/heap

https://localhost:8080/debug/pprof/heap: Get "https://localhost:8080/debug/pprof/heap": x509: certificate signed by unknown authority

failed to fetch any source profiles

$ go get -u github.com/google/pprof

$ pprof -tls_ca=./ca.crt -tls_cert=./client.user.crt -tls_key=./client.user.key https://localhost:8080/debug/pprof/heap  

Fetching profile over HTTP from https://localhost:8080/debug/pprof/heap

Saved profile in /home/dmai/pprof/pprof.dgraph.alloc_objects.alloc_space.inuse_objects.inuse_space.5629.pb.gz

[maciej.g...@karhoo.com]

I would just write a standalone http server with mTLS set up and serve the profiling functions from there. 

You are not forced to use the server mux provided by the package. 

Karhoo Europe (UK) Ltd. a company registered in England and Wales, company number 10623359, registered address: 2 Eastbourne Terrace, London, England, W2 6LG

This communication is intended solely for the person(s) or organisation to whom it is addressed and may be privileged and confidential.  If you are not the intended recipient, any review, disclosure, use, copy, alteration or transmission of this email and/or any file transmitted with it, is prohibited and may be unlawful.  If you have received this email in error, we apologise for any inconvenience and request you please notify us as soon as possible and delete it and any attached files from your system.