privatetls

package module

v0.3.0 Latest Latest Go to latest Published: Mar 3, 2021 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/netbucket/privatetls

Links

Open Source Insights

README ¶

PrivateTLS

A Golang library for quickly and easily starting a private HTTPS server with a self-signed TLS certificate, without requiring any preparatory work, such as pre-generating a cert with openssl. PrivateTLS generates a self-sigend certificate in memory, with no need for disk I/O.

This library is meant for use with private HTTPS services, where the use of a trusted third party Certificate Authority is not desirable, or not practical.

For all other situations, please do not use this library. Instead, use any available commercial CA providers, or use the free service from Let's Encrypt.

Quick Start

The easiest way to generate a certificate and start the server, is to use the privatetls.StartHTTPSListener() function:

package main

import (
	"fmt"
	"net/http"

	"github.com/netbucket/privatetls"
)

func main() {
	http.HandleFunc("/", helloHandler)

	// Generate a self-sgined cert and start an HTTPS listener on port 8443
	privatetls.StartHTTPSListener(":8443")
}

func helloHandler(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello from PrivateTLS!")
}

The call to StartHTTPSListener will generate a self-signed RSA based TLS certificate with a random 2048 bit key. The certificate is valid for 1 year.

More control

If you want more control over the TLS configuration, use privatetls.NewCert() to generate a certificate and return it back to you:

package main

import (
	"crypto/tls"
	"fmt"
	"log"
	"net/http"

	"github.com/netbucket/privatetls"
)

func main() {
	http.HandleFunc("/", helloHandler)

	s := http.Server{}

	// Use port 8443 for the TLS/HTTPS server
	s.Addr = ":8443"

	// Generate a self-sifned certificate
	selfSignedCert, err := privatetls.NewCert()

	if err != nil {
		log.Fatal(err)
	}

	// Assign the generated self-signed cert to this server
	s.TLSConfig = &tls.Config{
		Certificates: []tls.Certificate{selfSignedCert},
	}

	// Start the TLS server. Use blank cert and key file values.
	s.ListenAndServeTLS("", "")

}

func helloHandler(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello from PrivateTLS!")
}

That's it.

Documentation ¶

Index ¶

func NewCert() (tls.Certificate, error)
func StartHTTPSListener(service string) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewCert ¶

func NewCert() (tls.Certificate, error)

NewCert Generates a self-signed TLS certificate. The certificate will use the x509.SHA256WithRSA algorithm with a random 2048 bit key, and will be valid for 1 year.

func StartHTTPSListener ¶

func StartHTTPSListener(service string) error

StartHTTPSListener starts an HTTPS server at the address specified by the service parameter using self-signed TLS certificate. If blank, the default value of ":https" is used. The listener will use a self-signed RSA based TLS certificate with a random 2048 bit key. The certificate is valid for 1 year.

Types ¶

This section is empty.

Source Files ¶

View all Source files

tls.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL