package pay_service import ( "crypto/tls" "crypto/x509" "fmt" "github.com/chanxuehong/wechat/mch/core" "net/http" ) // 配置 client func Client() (*core.Client, error) { certP12, err := Asset("cacert/apiclient_cert.p12") if err != nil { return nil, err } certPem, err := Asset("cacert/apiclient_cert.pem") if err != nil { return nil, err } keyPem, err := Asset("cacert/apiclient_key.pem") if err != nil { return nil, err } pkcsPool := x509.NewCertPool() pkcsPool.AppendCertsFromPEM(certP12) certificate, err := tls.X509KeyPair(certPem, keyPem) if err != nil { return nil, fmt.Errorf("tls.LoadX509KeyPair:%s", err) } tlsConfig := &tls.Config{ Certificates: []tls.Certificate{certificate}, RootCAs: pkcsPool, InsecureSkipVerify: true, } httpClient := &http.Client{ Transport: &http.Transport{ TLSClientConfig: tlsConfig, DisableKeepAlives: true, }, } return core.NewClient(Appid, Mchid, ApiKey, httpClient), nil }