CertPool->SystemCertPool - API Behavior of Windows

124 views
Skip to first unread message

sre.ag...@gmail.com

unread,
May 15, 2022, 6:01:55 PM5/15/22
to golang-nuts

Hi All,

I am trying to use X509 package with Window Certificate store.

It looks like the X509/SystemCertPool implementation on Windows just returns an empty cert pool.

https://github.com/golang/go/blob/335569b59804f8d14bdb9c7ee2e8b0c2268226ae/src/crypto/x509/root_windows.go#L13

In the older golang versions, this API used to be blocked on Windows specifically. But that restriction got removed.

I am trying to understand the expected behavior. Am I missing something or there is some other way of using this API?

-Vivek

Bryan C. Mills

unread,
May 16, 2022, 9:52:31 AM5/16/22
to golang-nuts
Go 1.18 uses the Windows platform APIs to verify certificates (as proposed in https://go.dev/issue/46287).

The specific changes are summarized in https://go.dev/doc/go1.18#crypto/x509.

Reply all
Reply to author
Forward
0 new messages