I’ve done some more updates. Transports are now in separate packages as I proposed. TLS is in a package called “bitbucket.org/gdamore/mangos/transport/tlstcp” The reason its called “tlstcp” instead of just “tls” is two fold. 1. Its darned inconvenient when this package collides with crypto/tls. (You can use renames on the import line, but … that’s kind of ugly.) 2. There may be other transports that use TLS on top of … (notably probably *not* DTLS, but one could imagine TLS on top of IPC, etc. Not sure what value that would have, but I *can* think of actual use cases.) To load a transport, you can import it (e.g. import “bitbucket.org/gdamore/mangos/transport/tcp”) then pass that package’s “NewTransport()” result to the new AddTransport() method for Socket. So it looks like: sock.AddTransport(tcp.NewTransport()) Also, there is an “all” package underneath transport/ that will load all transports on a socket. It goes like this: all.AddTransports(sock) macat and the test suite use this all package. The macat program now properly has lots of options relating to TLS. You can specify certs, CAs, even the TLS protocol version. (I’ve not added ciphersuite selection yet, but I will.) Note that macat assumes you want *mutual* authentication unless you go out of your way to say otherwise. This is very intentional, since the uses cases here are probably specifically unlike traditional HTTPS where you have random unknown clients. You can disable this by providing —insecure (or -k). Note also that a server *must* have its own certificate presented. Again, very intentional. I tried to use curl’s switches since I figure they are the most likely to be familiar to folks using SSL. Here’s the man page for macat.1: macat(1) mangos macat(1) NAME macat − command line interface to the mangos messaging SYNOPSIS macat [−v|−−verbose] [−q|−−silent] [−−push] [−−pull] [−−pub] [−−sub] [−−req] [−−rep] [−−surveyor] [−−respondent] [−−bus] [−−pair] [−−star] [−−bind ADDR] [−−connect ADDR] [−X|−−bind‐ipc PATH] [−x|−−connect‐ipc PATH] [−L|−−bind‐local PORT] [−l|−−connect‐local PORT] [−−subscribe PREFIX] [−−recv‐timeout SEC] [−−send‐timeout SEC] [−d|−−send‐delay SEC] [−−raw] [−A|−−ascii] [−Q|−−quoted] [−−msgpack] [−i|−−interval SEC] [−D|−−data DATA] [−F|−−file FILE] [−−sslv3] [−−tlsv1] [−−tlsv1.1] [−−tlsv1.1] [−−tlsv1.2] [−E|−−cert FILE] [−−key FILE] [−−cacert FILE] [−k|−−insecure] [−−help] DESCRIPTION macat is a command‐line interface to send and receive data via the man‐ gos implementation of the SP (nanomsg) protocols. It is designed to be suitable for use as a drop‐in replacement for nanocat(1). OPTIONS −v,−−verbose Increase verbosity −q,−−silent Decrease verbosity −−push Use PUSH socket type −−pull Use PULL socket type −−pub Use PUB socket type −−sub Use SUB socket type −−req Use REQ socket type −−rep Use REP socket type −−surveyor Use SURVEYOR socket type −−respondent Use RESPONDENT socket type −−bus Use BUS socket type −−pair Use PAIR socket type −−star Use STAR socket type −−bind ADDR Bind socket to ADDR −−connect ADDR Connect socket to ADDR −X,−−bind‐ipc PATH Bind socket to IPC PATH −x,−−connect‐ipc PATH Connect socket to IPC PATH −L,−−bind‐local PORT Bind socket to TCP localhost PORT −l,−−connect‐local PORT Connect socket to TCP localhost PORT −−subscribe PREFIX Subcribe to PREFIX (default is wildcard) −−recv‐timeout SEC Set receive timeout −−send‐timeout SEC Set send timeout −d,−−send‐delay SEC Set initial send delay −−raw Raw output, no delimiters −A,−−ascii ASCII output, one per line −Q,−−quoted Quoted output, one per line −−msgpack Msgpacked binay output (see msgpack.org) −i,−−interval SEC Send DATA every SEC seconds −D,−−data DATA Data to send −F,−−file FILE Send contents of FILE −−sslv3 Force SSLv3 when using SSL/TLS −−tlsv1 Force TLSv1.x when using SSL/TLS −−tlsv1.1 Force TLSv1.0 when using SSL/TLS −−tlsv1.1 Force TLSv1.1 when using SSL/TLS −−tlsv1.2 Force TLSv1.2 when using SSL/TLS −E,−−cert FILE Use certificate in FILE for SSL/TLS −−key FILE Use private key in FILE for SSL/TLS −−cacert FILE Use CA certicate(s) in FILE for SSL/TLS −k,−−insecure Do not validate TLS/SSL peer certificate −−help show usage message AUTHOR Garrett D’Amore mangos April 26, 2014 macat(1) -- Garrett D'Amore Sent with Airmail