我想知道如何在GoLang Https服务器上使用godaddy的ssl证书。
目前,我正在使用以下代码:
srv := &http.Server{ Addr: httpsPortStr, Handler: n, ReadTimeout: time.Duration(config.CfgIni.ReadTimeout) * time.Second, WriteTimeout: time.Duration(config.CfgIni.WriteTimeout) * time.Second, } err := srv.ListenAndServeTLS(<CERTIFICATE_FILE>,<PRIVATE_KEY_FILE>)
我还有sf_bundle-g2-g1.crt。如何将其添加到证书链中?
sf_bundle-g2-g1.crt
@Vonc的回答确实很有帮助,我只是想念最后一件事。我正在使用http.Server实例来更改ReadTimeout和WriteTimeout参数。如何使用tls做到这一点?
我之前的代码:
srv := &http.Server{ Addr: httpsPortStr, Handler: n, ReadTimeout: time.Duration(config.CfgIni.ReadTimeout) * time.Second, WriteTimeout: time.Duration(config.CfgIni.WriteTimeout) * time.Second, } err := srv.ListenAndServeTLS(config.CfgIni.CertificateFile,config.CfgIni.PrivateKeyFile)
谢谢!
您可以在本节中看到完整的示例file-server- go。 证书链应装入x509.NewCertPool()
file-server- go
x509.NewCertPool()
cert, err := tls.LoadX509KeyPair("certs/server.pem", "certs/server.key") if err != nil { log.Fatalf("server: loadkeys: %s", err) } certpool := x509.NewCertPool() pem, err := ioutil.ReadFile("certs/ca.pem") if err != nil { log.Fatalf("Failed to read client certificate authority: %v", err) } if !certpool.AppendCertsFromPEM(pem) { log.Fatalf("Can't parse client certificate authority") } config := tls.Config{ Certificates: []tls.Certificate{cert}, ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: certpool, } config.Rand = rand.Reader service := "0.0.0.0:8000" listener, err := tls.Listen("tcp", service, &config)
就您而言,ioutil.ReadFile("sf_bundle-g2-g1.crt")。
ioutil.ReadFile("sf_bundle-g2-g1.crt")
我正在使用http.Server实例以更改ReadTimeout和WriteTimeout参数
server := &http.Server{ Addr: "0.0.0.0:8000", TLSConfig: tlsConfig, ReadTimeout: time.Duration // maximum duration before timing out read of the request, WriteTimeout: time.Duration // maximum duration before timing out write of the response }
(time.Duration以实际时间代替)
time.Duration
然后:
err := server.ListenAndServeTLS(certFile, keyFile string) log.Fatal(err)
注意ListenAndServeTLS总是返回一个非nil错误。
ListenAndServeTLS
