So for a long while i have been trying to create a chain of trust in Go. I used this code to create the certificate https://golang.org/src/crypto/tls/generate_cert.go But if i set the isCA to false the certificate file in the browser will be empty and my browser will display an error saying: SEC_ERROR_UNKNOWN_ISSUER. How can i specify where it should check the certificate? I looked at alot of examples but still don’t really understand how it should work. I tried using my own generated server CA and pasted a random intermediate CA under it but it doesn’t know where to check. I know it will deny the certificate, but i’m just trying to understand how the chain works in Go. I don’t know how to use a chain certificate in Go should i use the issuer in template or subject or aren’t those important etc. Does anyone have a example or could point me in the right direction? Thanks.
This is what i am trying to achieve (doesn’t matter if the rootCA is self signed it’s just for testing purposes) Click for image
