How to set up HTTPS on golang web server?

blov · · 469 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>I&#39;m reading <a href="https://www.kaihag.com/https-and-go/">https://www.kaihag.com/https-and-go/</a> and bought an SSL certificate from Comodo which they emailed me a <code>.zip</code> file. All of my files so far look like this</p> <pre><code>csr.pem private-key.pem website.com.crt website.com.ca-bundle website.com.zip </code></pre> <p>The above website wants me to concatenate 3 <code>.pem</code> files which I don&#39;t have. I also don&#39;t understand why that needs to be done. Where can I find a more general guide to getting HTTPS working as the above one seems to be specific to StartSSL which doesn&#39;t have security class 1 ssl certs</p> <hr/>**评论:**<br/><br/>deusmetallum: <pre><p>You should have learned a lot more about SSL before you buy a certificate, but alas it&#39;s too late.</p> <p>Never mind.</p> <p>crt and pem files are the same thing really, so you can cat them together.</p> <p>Be sure to keep the original files though.</p></pre>Kraigius: <pre><p>In this day and age, it&#39;s a surprise that anyone still believe that they have to pay for a SSL certificate, especially non corporate users. <a href="https://letsencrypt.org/">https://letsencrypt.org/</a></p></pre>Oliviaruth: <pre><p>Until their wildcard support is out sometime next year, we still use other cas for some things. We were also holding off because LE would have made public key pinning riskier, but luckily the internet has decided to shun that particular technology. </p></pre>Kraigius: <pre><p>Amen, that wildcard support next year will be of good help.</p></pre>: <pre><p>[deleted]</p></pre>Kraigius: <pre><p>Well, encryption is one side of the coin but isn&#39;t it all about establishing a chain of trust and to ensure that the data isn&#39;t manipulated by a malicious node in the network?</p> <p>Anyways, I don&#39;t quite see how this is related about thinking that you have to pay $70 for a single domain certificate (price taken from GoDaddy).</p></pre>the_duck_life: <pre><p>As per <a href="https://stackoverflow.com/questions/991758/how-to-get-pem-file-from-key-and-crt-files" rel="nofollow">https://stackoverflow.com/questions/991758/how-to-get-pem-file-from-key-and-crt-files</a></p> <blockquote> <p>Your keys may already be in PEM format, but just named with .crt or .key.</p> <p>If they begin with -----BEGIN and you can read them in a text editor (they use base64, which is readable in ASCII, not binary format), they are in PEM format.</p> </blockquote> <p>There&#39;s a fair bit more information in that discussion, but you may need to use OpenSSL to transform the files into the format you need. (We have to do it every few years for our Windows servers. What a joy THAT is..)</p></pre>adamdecaf: <pre><p>I&#39;d recommend reading these articles at a minimum.</p> <ul> <li><a href="https://blog.cloudflare.com/exposing-go-on-the-internet/" rel="nofollow">https://blog.cloudflare.com/exposing-go-on-the-internet/</a></li> <li><a href="https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/" rel="nofollow">https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/</a></li> </ul></pre>

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

469 次点击  
加入收藏 微博
0 回复
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传