Go 创建 HTTPS 服务

产生证书的代码脚本文件如下如下:

#!/usr/bin/env bash
case `uname -s` in
    Linux*)     sslConfig=/etc/ssl/openssl.cnf;;
    Darwin*)    sslConfig=/System/Library/OpenSSL/openssl.cnf;;
esac
openssl req \
    -newkey rsa:2048 \
    -x509 \
    -nodes \
    -keyout server.key \
    -new \
    -out server.pem \
    -subj /CN=localhost \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat $sslConfig \
        <(printf '[SAN]\nsubjectAltName=DNS:localhost')) \
    -sha256 \
    -days 3650

然后会生成

# 私钥
server.key
# 证书
server.pem

import (
    "io"
    "log"
    "net/http"
)

func main() {
    http.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
        io.WriteString(w, "hello, world!\n")
    })

    if e := http.ListenAndServeTLS(":443", "server.pem", "server.key", nil); e != nil {
        log.Fatal("ListenAndServe: ", e)
    }
}

References

go tls实现TLS 服务器和客户端通讯 HTTP(S) Proxy in Golang in less than 100 lines of code 理解HTTP CONNECT通道