
How to parse certificate/privateKey pair by using Crypto11

I have a pkcs11 token that only contains the private key object. I want to use the crypto11 package to retrieve the private key. When I try to parse the x509 key pair by inputting the certificate file and the secret key object, I received the error:

    var pks *crypto11.SecretKey cannot convert pks (variable of type *crypto11.SecretKey) to []byte compiler

I want to know what is the correct way to retrieve the private key object. And how do I convert the crypto11 package and certificate file to the x509 certificate for a TLS connection?

    // Load the device certificate file
    certificate, err := ioutil.ReadFile("/PATH/cert.pem.crt")
    if err != nil {
        fmt.Println("Error loading device certificate:", err)
        return
    }
    // Create Crypto11 instance
    ct11, err := crypto11.Configure(&crypto11.Config{
        Path: "/PATH/libsofthsm2.so",
        SlotNumber: #######,
        Pin:        "####",
    })
    // Find private key
    pks, err := ct11.FindKey(nil, []byte("MyPrivateKeyLabel"))
    if err != nil {
        log.Fatal("Could not search for private key: ", err)
    }

    //x509cert
    cert, err := tls.X509KeyPair(certificate, []byte(pks))
    if err != nil {
        log.Fatal("Error on X509Key Pair ", err)
    }

The solution is pretty simple. I just need to convert the certificate file (pem crt) into the der format.

    cerDer, _ := pem.Decode(certFile) // import "encoding/pem"

After that, we could parse the certificate file:

    cert, err := x509.ParseCertificate(cerDer.Bytes)
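Building on the pem.Decode and x509.ParseCertificate steps in the answer above, this added example (not part of the original post) pairs the parsed certificate with a crypto.Signer to produce a tls.Certificate without tls.X509KeyPair, which needs the private key bytes. opaqueSigner and newSample are constructed stand-ins for the token-backed key and the device certificate; it is an assumption that the PKCS#11 library hands the private key back as a crypto.Signer.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// opaqueSigner is a constructed stand-in for a token-backed key: only Public and
// Sign are reachable through it, the key bytes are not.
type opaqueSigner struct{ crypto.Signer }

// certFromSigner pairs a PEM certificate with a signer, after checking that the
// certificate's public key is the signer's public key.
func certFromSigner(certPEM []byte, s crypto.Signer) (tls.Certificate, error) {
	block, _ := pem.Decode(certPEM)
	if block == nil || block.Type != "CERTIFICATE" {
		return tls.Certificate{}, fmt.Errorf("no CERTIFICATE block in PEM input")
	}
	leaf, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return tls.Certificate{}, err
	}
	pub, ok := leaf.PublicKey.(interface{ Equal(crypto.PublicKey) bool })
	if !ok || !pub.Equal(s.Public()) {
		return tls.Certificate{}, fmt.Errorf("certificate does not match signer")
	}
	return tls.Certificate{Certificate: [][]byte{block.Bytes}, PrivateKey: s, Leaf: leaf}, nil
}

// newSample returns a constructed signer and a self-signed PEM certificate for it.
func newSample() (crypto.Signer, []byte) {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, k.Public(), opaqueSigner{k})
	return opaqueSigner{k}, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	s, certPEM := newSample()
	_, err := certFromSigner(certPEM, s)
	fmt.Println("pairing error:", err)
}
```

The returned value goes into the Certificates field of a tls.Config; the public-key comparison catches a certificate file that was issued for a different key before any handshake is attempted.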
