package main

import (
	"fmt"
	"net/http"
	"io"
	"crypto/tls"
	"crypto/x509"
	"os"
)

func main() {
	rawpem, err := os.ReadFile("certs/root.pem")
	if err != nil {
		fmt.Println("pem read error:", err)
		return
	}

	cert, err := tls.LoadX509KeyPair("certs/client.pem", "certs/client.key")
	if err != nil {
		fmt.Println("cert load error:", err)
		return
	}

	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(rawpem) {
		fmt.Println("add pem not ok")
		return
	}

	client := &http.Client{
		Transport: &http.Transport{
			TLSClientConfig: &tls.Config{
				RootCAs: pool,
				Certificates: []tls.Certificate{cert},
			},
		},
	}

	resp, err := client.Get("https://localhost:8080")
	if err != nil {
		fmt.Println("get error:", err)
		return
	}

	raw, err := io.ReadAll(resp.Body)
	if err != nil {
		fmt.Println("readall error:", err)
		return
	}

	fmt.Println(">", string(raw))
}