golang生成安全证书,用于本地调试https
package main
import(
// "crypto/rand"
// "crypto/rsa"
// "crypto/x509"
// "crypto/x509/pkix"
// "encoding/pem"
// "math/big"
// "net"
// "os"
// "time"
"net/http"
"log"
"io"
)
func main(){
// max:=new(big.Int).Lsh(big.NewInt(1),128)
// serialNumber,_:=rand.Int(rand.Reader,max)
// subject:=pkix.Name{
// Organization:[]string{"燕子李三"},
// OrganizationalUnit:[]string{"Books"},
// CommonName:"GO Web",
// }
// rootTemplate := x509.Certificate{
// SerialNumber: serialNumber,
// Subject:subject,
// NotBefore: time.Now(),
// NotAfter:time.Now().Add(365*time.Hour),
// KeyUsage:x509.KeyUsageKeyEncipherment,
// ExtKeyUsage:[]x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
// IPAddresses:[]net.IP{net.ParseIP("127.0.0.1")},
// }
// pk,_:=rsa.GenerateKey(rand.Reader,2048)
// derBytes,_:=x509.CreateCertificate(rand.Reader,&rootTemplate,&rootTemplate,&pk.PublicKey,pk)
// certOut,_:=os.Create("cert.pem")
// pem.Encode(certOut,&pem.Block{Type:"CERTIFICATE",Bytes:derBytes})
// certOut.Close()
// keyOut,_:=os.Create("key.pem")
// pem.Encode(keyOut,&pem.Block{Type:"RSA PRIVATE KEY",Bytes:x509.MarshalPKCS1PrivateKey(pk)})
// keyOut.Close()
http.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
io.WriteString(w, "Hello, TLS!\n")
})
// One can use generate_cert.go in crypto/tls to generate cert.pem and key.pem.
log.Printf("About to listen on 8443. Go to https://127.0.0.1:8443/")
err := http.ListenAndServeTLS(":8443", "cert.pem", "key.pem", nil)
log.Fatal(err)
}