Skip to content
/ go-lang-https-self-signed Public

Sample of a self signed certificate https server in golang. This repo demonstrates to you the best way to up your self signed cert in golang. It shows in a simple way how to generate and trust the ssl certificate and how to serve a https server in golang.

11 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

luizhlelis/go-lang-https-self-signed

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
client
client
 
 
docs
docs
 
 
server
server
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

Building a self signed certificate https server in golang

This repository will be useful to you if you want to create a self signed server in golang. The client is only an ash file which runs curls to get https server home page after trusted its certificate.

Running the project

To up the client and server containers, run the command below:

docker-compose up

Server

The command above will firstly up the server container and will run an ash file called generate-certificate.sh that generates a servercert.key file which is the private key and servercert.csr which is the certificate signing request (CSR) that contains the public key. The CN passed in -subj is the most important field because some browsers like chrome require that information. CN means Common Name and it's the domain name that you would like to have SSL secured. Then, the certificate file will be generated, this file named servercert.crt is generated by the last command in the ash and it's the self-signed certificate signed by your own servercert.key private key. The x509 flag states the standard format of an SSL/TLS certificate which is X.509. Finally, the https server will go up because of the go run main.go command.

In the main.go file we used the cert and the key to serve the https self signed server:

func handleRequests() {

  tlsCert := os.Getenv("tls-certificate")
  tlsKey := os.Getenv("tls-key")
  serverPort := os.Getenv("server-port")

  router := mux.NewRouter().StrictSlash(true)
  controllers.HandleHomeRoutes(router, "https")

  log.Fatal(http.ListenAndServeTLS(serverPort, tlsCert, tlsKey, router))
}

and in the .env file we declare the cert and key places in the folder hierarchy:

tls-certificate="certificates/servercert.crt"
tls-key="servercert.key"

Client

The client container has a volume where the server certificate was genereted: ./server/certificates:/certificates. The reason is because the client needs to trust that certificate to make https calls and aply the TLS protocol with the two way handshake. That trust was made with the command update-ca-certificates when we run trust-server-certificate.sh, than we can call the https server normally, in the present example we use curl calls in the get-server-home.sh file.

Running only the server with a client running locally

To up only the server, run the command below:

docker-compose up server

than you can run your https calls to the server locally. But before, you need to trust the server certificate, if you're using a linux OS, trust the server with the commands described in the trust-server-certificate.sh file. Otherwise, follow the steps below:

Mac Os

Windows

Linux

About

Sample of a self signed certificate https server in golang. This repo demonstrates to you the best way to up your self signed cert in golang. It shows in a simple way how to generate and trust the ssl certificate and how to serve a https server in golang.

Topics

tls golang ssl https ssl-certificates https-server tls-certificate

Resources

Readme
Activity

Stars

11 stars

Watchers

4 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages