Can net/http be used with Let's Encrypt?

agolangf · · 815 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>I mean, you absolutely can load the certificates and spin up a TLS server, but afaict there&#39;s no easy way to reload them once they are renewed. The documentation says that you must not change tls.Config. How would you do this?</p> <hr/>**评论:**<br/><br/>nhooyr: <pre><p>There is a callback function <code>GetCertificate</code> in tls.Config</p></pre>captncraig: <pre><p>Yeah, I believe <a href="https://github.com/xenolf/lego">https://github.com/xenolf/lego</a> has an example for using their library this way.</p></pre>Vonney: <pre><p>I&#39;d look at the source of Caddy.</p></pre>captncraig: <pre><p>Or use caddy as a proxy in front of your go app. That&#39;s what I do.</p></pre>fighterjet-biceps: <pre><p>I solved this problem by serving my app behind nginx. The problem of managing certs is made less painful and you&#39;re given access to nginx&#39;s excellent feature set for caching and load balancing.</p></pre>v1rous: <pre><p>Haven&#39;t taken the time to look into baking HTTPS into a go app. However, IMO an nginx proxy is the right tool for this job.</p></pre>pyratzu: <pre><p>I made package that will handle updated lets encrypt cents</p> <p>go get -u github.com/CossackPyra/pyrahttp</p> <p>pyrahttp.ListenAndServeLetsEncrypt(&#34;:7544&#34;, &#34;/home/user/cert/game01.example.com/fullchain.pem&#34;, &#34;/home/user/cert/game01.example.com/privkey.pem, nil)</p> <p>Post in Russian language <a href="https://habrahabr.ru/post/274749/" rel="nofollow">https://habrahabr.ru/post/274749/</a></p> <p>I will try to make English post tomorrow.</p> <p>I plan to release more code we use to handle lets encrypt in production with our game servers </p></pre>

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

815 次点击  
加入收藏 微博
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传