我正在使用collider(https://github.com/webrtc/apprtc/tree/master/src/collider -a websockets服务器),我正在尝试添加SSL / TLS支持。我为此生成了自签名证书:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:CA
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:testwebsite.com
Organizational Unit Name (eg, section) []:Engineering
Common Name (e.g. server FQDN or YOUR name) []:www.testwebsite.com
Email Address []:testwebsite@gmail.com
当我运行对撞机时,我看到了这个错误:
2017/06/05 21:25:50 Error Run: crypto/tls: failed to parse private key
当我使用生成时(基于http://www.kaihag.com/https-and-go/):
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem
我收到此错误:
2017/06/05 22:11:31 http: TLS handshake error from <some-ip>:1082: remote error: unknown certificate
如何解决这个问题?
注意:对撞机使用golang.org/x/net/websocket
答案 0 :(得分:1)
我最终从https://certbot.eff.org/#ubuntuxenial-other
获取证书certbot certonly --standalone -d example.com -d www.example.com
我必须使用fullchain.pem而不是cert.pem来使这个对手工作: