package main

import (
	"crypto/tls"
	"crypto/x509"
	"io"
	"io/ioutil"
	"log"
	"net/http"
	"os"
	"time"
)

var cl *http.Client

func main() {
	cl = getClient()
	for i := 0; i < 3; i++ {
		go reqHttp()
	}
	time.Sleep(5 * time.Second)
}

func reqHttp() {
	//resp, err := cl.Get("https://http2.golang.org/")
	resp, err := cl.Get("https://localhost:8080/")
	if err != nil {
		log.Fatal("http req fail:", err)
	}
	log.Println("Request code=", resp.StatusCode)
	io.Copy(ioutil.Discard, resp.Body)
	resp.Body.Close()
	time.Sleep(time.Second)
}


func getClient() *http.Client {
	kl, err := os.Create("key.log")
	if err != nil {
		log.Fatal("Unable to open kl:", err)
	}

	caCert, err := ioutil.ReadFile("local.crt")
	caCertPool, err := x509.SystemCertPool()
	if err != nil {
		log.Fatalln("Fail to load system cert pool")
	}
	caCertPool.AppendCertsFromPEM(caCert)
	var client = http.Client{
		Transport: &http.Transport{
			MaxConnsPerHost: 1,
			TLSClientConfig: &tls.Config{
				RootCAs: caCertPool,
				KeyLogWriter: kl,
				InsecureSkipVerify: true,
			},
			ForceAttemptHTTP2: true,
		},
	}

	return &client
}