带Websockets服务器的SSL / TLS - go lang

时间:2017-06-06 23:45:21

标签: ssl go websocket openssl tls1.2

我正在使用collider(https://github.com/webrtc/apprtc/tree/master/src/collider -a websockets服务器),我正在尝试添加SSL / TLS支持。我为此生成了自签名证书:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:CA
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:testwebsite.com
Organizational Unit Name (eg, section) []:Engineering
Common Name (e.g. server FQDN or YOUR name) []:www.testwebsite.com
Email Address []:testwebsite@gmail.com

当我运行对撞机时,我看到了这个错误:

2017/06/05 21:25:50 Error Run: crypto/tls: failed to parse private key

当我使用生成时(基于http://www.kaihag.com/https-and-go/):

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem

我收到此错误:

2017/06/05 22:11:31 http: TLS handshake error from <some-ip>:1082: remote error: unknown certificate

如何解决这个问题?

注意:对撞机使用golang.org/x/net/websocket

1 个答案:

答案 0 :(得分:1)

我最终从https://certbot.eff.org/#ubuntuxenial-other

获取证书
certbot certonly --standalone -d example.com -d www.example.com

我必须使用fullchain.pem而不是cert.pem来使这个对手工作:

https://github.com/webrtc/apprtc/issues/442