stackoom
  简体   繁体   中英

godaddy's ssl certificate with GoLang

 原文  2016-07-03 06:13:38       ssl/ go/ https

Question

I'm wondering how to use godaddy's ssl certificate with GoLang Https server.

currently I'm using the following code: 

srv := &http.Server{
    Addr: httpsPortStr,
    Handler: n,
    ReadTimeout: time.Duration(config.CfgIni.ReadTimeout) * time.Second,
    WriteTimeout: time.Duration(config.CfgIni.WriteTimeout) * time.Second,
}
err := srv.ListenAndServeTLS(<CERTIFICATE_FILE>,<PRIVATE_KEY_FILE>)

I still have sf_bundle-g2-g1.crt . how do I add it to the chain of certificates ?

update

@Vonc's answer is really helpful, i'm just missing one last thing. I'm using http.Server instance in order to change ReadTimeout and WriteTimeout parameters. how can I do this with the tls ?

My previous code for this: 

srv := &http.Server{
    Addr: httpsPortStr,
    Handler: n,
    ReadTimeout: time.Duration(config.CfgIni.ReadTimeout) * time.Second,
    WriteTimeout: time.Duration(config.CfgIni.WriteTimeout) * time.Second,
}
err := srv.ListenAndServeTLS(config.CfgIni.CertificateFile,config.CfgIni.PrivateKeyFile)

thanks!

1 answers

solution1
 3 ACCPTED  2016-07-03 06:50:08

You can see a full example here in the file-server-go section.
The chain of certificate should be loaded in a x509.NewCertPool() 

cert, err := tls.LoadX509KeyPair("certs/server.pem", "certs/server.key")
if err != nil {
    log.Fatalf("server: loadkeys: %s", err)

}
certpool := x509.NewCertPool()
pem, err := ioutil.ReadFile("certs/ca.pem")
if err != nil {
    log.Fatalf("Failed to read client certificate authority: %v", err)
}
if !certpool.AppendCertsFromPEM(pem) {
    log.Fatalf("Can't parse client certificate authority")
}

config := tls.Config{
    Certificates: []tls.Certificate{cert},
    ClientAuth:   tls.RequireAndVerifyClientCert,
    ClientCAs:    certpool,
}
config.Rand = rand.Reader
service := "0.0.0.0:8000"
listener, err := tls.Listen("tcp", service, &config)

In your case, ioutil.ReadFile("sf_bundle-g2-g1.crt") .

I'm using http.Server instance in order to change ReadTimeout and WriteTimeout parameters 

server := &http.Server{
    Addr:      "0.0.0.0:8000",
    TLSConfig: tlsConfig,
    ReadTimeout: time.Duration // maximum duration before timing out read of the request,
    WriteTimeout: time.Duration // maximum duration before timing out write of the response
}

(replace time.Duration with the actual time)

Then: 

err := server.ListenAndServeTLS(certFile, keyFile string)
log.Fatal(err)

Note ListenAndServeTLS always returns a non-nil error.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question HTTP SSL with GoDaddy's certificate - This server's certificate chain is incomplete SSL certificate, godaddy, JBoss AS 7 GoDaddy SSL Certificate Keystore Installation Tomcat7 Install Godaddy ssl certificate on tomcat 8.5 Server How to install godaddy ssl certificate on aws elb? Use GoDaddy SSL certificate in Spring Boot Tomcat8.5 SSL connector with goDaddy certificate SSL certificate from GoDaddy on NodeJS and express not working SSL Certificate from GoDaddy on Google Compute Engine How to Install SSL certificate from goDaddy in nodejs?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM