Can net/http be used with Let's Encrypt?

agolangf · 2016-02-02 04:01:18 · 860 views

I mean, you absolutely can load the certificates and spin up a TLS server, but afaict there's no easy way to reload them once they are renewed. The documentation says that you must not change tls.Config. How would you do this?


Comments:

nhooyr:

There is a callback function GetCertificate in tls.Config

captncraig:

Yeah, I believe https://github.com/xenolf/lego has an example for using their library this way.

Vonney:

I'd look at the source of Caddy.

captncraig:

Or use caddy as a proxy in front of your go app. That's what I do.

fighterjet-biceps:

I solved this problem by serving my app behind nginx. The problem of managing certs is made less painful and you're given access to nginx's excellent feature set for caching and load balancing.

v1rous:

Haven't taken the time to look into baking HTTPS into a go app. However, IMO an nginx proxy is the right tool for this job.

pyratzu:

I made a package that will handle updated Let's Encrypt certs

go get -u github.com/CossackPyra/pyrahttp

pyrahttp.ListenAndServeLetsEncrypt(":7544", "/home/user/cert/game01.example.com/fullchain.pem", "/home/user/cert/game01.example.com/privkey.pem", nil)

Post in Russian language https://habrahabr.ru/post/274749/

I will try to make an English post tomorrow.

I plan to release more code we use to handle Let's Encrypt in production with our game servers.

