httpscerts

package module
v0.0.0-...-2c461ce Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 15, 2017 License: BSD-3-Clause Imports: 15 Imported by: 3

README

httpscerts

A simple library to generate server certs and keys for HTTPS support directly within your Go program.

The code is modified from http://golang.org/src/crypto/tls/generate_cert.go.

Use this library for testing purposes only, e.g. to experiment with the built-in Go HTTPS server. Do NOT use in production!

PR for this fork is https://github.com/kabukky/httpscerts/pull/1.

Usage

package main
    
import (
    "fmt"
    "github.com/gerald1248/httpscerts"
    "log"
    "net/http"
)
    
func handler(w http.ResponseWriter, r *http.Request) {
    fmt.Fprintf(w, "Hi there!")
}
    
func main() {
    // Check if the cert files are available.
    err := httpscerts.Check("cert.pem", "key.pem")
    // If they are not available, generate new ones.
    if err != nil {
        err = httpscerts.Generate("cert.pem", "key.pem", "127.0.0.1:8081")
        if err != nil {
            log.Fatal("Error: Couldn't create https certs.")
        }
    }
    http.HandleFunc("/", handler)
    http.ListenAndServeTLS(":8081", "cert.pem", "key.pem", nil)
}

Alternative usage without disk access

The method httpscerts.GenerateArrays() has been added to enable use cases where writing to disk is not desirable. If the initial check fails, a tls.Certificate is populated and passed to a http.Server instance.

package main

import (
	"crypto/tls"
	"fmt"
	"github.com/gerald1248/httpscerts"
	"log"
	"net/http"
	"time"
)

type testHandler struct {
}

func (t *testHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hi there!")
}

func main() {
	// Check if the cert files are available.
	certFile := "cert.pem"
	keyFile := "key.pem"
	err := httpscerts.Check(certFile, keyFile)

	var handler = &testHandler{}

	// If they are not available, generate new ones.
	if err != nil {
		cert, key, err := httpscerts.GenerateArrays("127.0.0.1:8081")
		if err != nil {
			log.Fatal("Error: Couldn't create https certs.")
		}

		keyPair, err := tls.X509KeyPair(cert, key)
		if err != nil {
			log.Fatal("Error: Couldn't create key pair")
		}

		var certificates []tls.Certificate
		certificates = append(certificates, keyPair)

		cfg := &tls.Config{
			MinVersion:               tls.VersionTLS12,
			PreferServerCipherSuites: true,
			Certificates:             certificates,
		}

		s := &http.Server{
			Addr: ":8081",
			Handler:        handler,
			ReadTimeout:    10 * time.Second,
			WriteTimeout:   10 * time.Second,
			MaxHeaderBytes: 1 << 20,
			TLSConfig:      cfg,
		}
		log.Fatal(s.ListenAndServeTLS("", ""))
	}

	log.Fatal(http.ListenAndServeTLS(":8081", certFile, keyFile, handler))
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Check

func Check(certPath string, keyPath string) error

func Generate

func Generate(certPath, keyPath, host string) error

func GenerateArrays

func GenerateArrays(host string) ([]byte, []byte, error)

generate cert and key byte arrays these can then be used to populate the server configuration in place of files on disk

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL