How to set up HTTPS on golang web server?

<p>I&#39;m reading <a href="https://www.kaihag.com/https-and-go/">https://www.kaihag.com/https-and-go/</a> and bought an SSL certificate from Comodo which they emailed me a <code>.zip</code> file. All of my files so far look like this</p> <pre><code>csr.pem private-key.pem website.com.crt website.com.ca-bundle website.com.zip </code></pre> <p>The above website wants me to concatenate 3 <code>.pem</code> files which I don&#39;t have. I also don&#39;t understand why that needs to be done. Where can I find a more general guide to getting HTTPS working as the above one seems to be specific to StartSSL which doesn&#39;t have security class 1 ssl certs</p> <hr/>**评论：**<br/><br/>deusmetallum: <pre><p>You should have learned a lot more about SSL before you buy a certificate, but alas it&#39;s too late.</p> <p>Never mind.</p> <p>crt and pem files are the same thing really, so you can cat them together.</p> <p>Be sure to keep the original files though.</p></pre>Kraigius: <pre><p>In this day and age, it&#39;s a surprise that anyone still believe that they have to pay for a SSL certificate, especially non corporate users. <a href="https://letsencrypt.org/">https://letsencrypt.org/</a></p></pre>Oliviaruth: <pre><p>Until their wildcard support is out sometime next year, we still use other cas for some things. We were also holding off because LE would have made public key pinning riskier, but luckily the internet has decided to shun that particular technology. </p></pre>Kraigius: <pre><p>Amen, that wildcard support next year will be of good help.</p></pre>: <pre><p>[deleted]</p></pre>Kraigius: <pre><p>Well, encryption is one side of the coin but isn&#39;t it all about establishing a chain of trust and to ensure that the data isn&#39;t manipulated by a malicious node in the network?</p> <p>Anyways, I don&#39;t quite see how this is related about thinking that you have to pay $70 for a single domain certificate (price taken from GoDaddy).</p></pre>the_duck_life: <pre><p>As per <a href="https://stackoverflow.com/questions/991758/how-to-get-pem-file-from-key-and-crt-files" rel="nofollow">https://stackoverflow.com/questions/991758/how-to-get-pem-file-from-key-and-crt-files</a></p> <blockquote> <p>Your keys may already be in PEM format, but just named with .crt or .key.</p> <p>If they begin with -----BEGIN and you can read them in a text editor (they use base64, which is readable in ASCII, not binary format), they are in PEM format.</p> </blockquote> <p>There&#39;s a fair bit more information in that discussion, but you may need to use OpenSSL to transform the files into the format you need. (We have to do it every few years for our Windows servers. What a joy THAT is..)</p></pre>adamdecaf: <pre><p>I&#39;d recommend reading these articles at a minimum.</p> <ul> <li><a href="https://blog.cloudflare.com/exposing-go-on-the-internet/" rel="nofollow">https://blog.cloudflare.com/exposing-go-on-the-internet/</a></li> <li><a href="https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/" rel="nofollow">https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/</a></li> </ul></pre>