如何在Golang Web服务器上设置HTTPS? [英] How to set up HTTPS on golang web server?

问题描述

我正在阅读 https://www.kaihag.com/https-and-go /并从Comodo购买了SSL证书，他们通过电子邮件向我发送了.zip文件.到目前为止，我拥有的所有文件都是这样的

I'm reading https://www.kaihag.com/https-and-go/ and bought an SSL certificate from Comodo which they emailed me a .zip file. All of the files I have so far look like this

csr.pem
private-key.pem
website.com.crt
website.com.ca-bundle
website.com.zip

上述网站希望我连接3个我没有的.pem文件.顺便说一下，.pem文件需要串联的原因是什么?使用上面未修改的文件，如何在golang网络服务器上设置https?

The above website wants me to concatenate 3 .pem files which I don't have. Incidentally what is the reason the .pem files need to concatenated? Using the above files which haven't been modified, how can https be set up on a golang webserver?

推荐答案

使用 https://golang.org/pkg/net/http/#ListenAndServeTLS

http.HandleFunc("/", handler)
log.Printf("About to listen on 10443. Go to https://127.0.0.1:10443/")
err := http.ListenAndServeTLS(":10443", "cert.pem", "key.pem", nil)
log.Fatal(err)

这并不是一个真正的问题，但是由于计算机仅存储根证书，因此需要中间证书.通过将它们串联在一起，可以将它们全部放在一个文件中，以便浏览器获得所有证书-这是必需的步骤，否则您的服务器将在某些设备上发生故障.您的证书提供者将提供执行此操作的说明.首先，您需要一个证书文件和一个私钥文件.

This isn't really a go question, but the intermediate certs are required because computers only store root certs. By concatenating them you put them all in one file so the browser gets all certs - this is a required step otherwise your server will fail on certain devices. Your cert provider will provide instructions for doing this. For go you need one cert file and one private key file.

https://kb.wisc.edu/page.php?id=18923

要合并证书，您可以只使用cat(确保它们首先在文件末尾有换行符)，例如:

To combine the certs you can just use cat (making sure they have a line feed at the end of the file first), something like:

cat example.com.ca-crt example.com.ca-bundle > example.com.crt

这篇关于如何在Golang Web服务器上设置HTTPS?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！