Next: , Previous: , Up: Top  


TLS support

You can enable TLS support by specifying PEM-encoded X.509 certificate and private key files. Go’s TLS implementation supports TLS 1.3, HTTP/2 negotiation, Keep-Alives, modern ciphersuites and ECC.

For example generate some self-signed certificate using GnuTLS toolset:

$ certtool --generate-privkey --ecc --outfile prv.pem
$ cert_template=`mktemp`
$ echo cn=gocheese.host > $cert_template
$ certtool \
    --generate-self-signed \
    --load-privkey=prv.pem \
    --template $cert_template \
    --outfile=cert.pem
$ rm $cert_template
$ gocheese -tls-cert cert.pem -tls-key prv.pem [...]