Kevin Yuan

Reputation: 1028

What is the proper way to handle TLSNextProto in golang net/http?

Playing with golang's net/http package and SPDY. Something is really confusing me:

The *tls.Conn of TLSNextProto function can't be read at all. Any read attempt will get a "connection reset by peer" error.

Run the following program, and then access https://localhost:8080/ using Chrome with SPDY enabled.

Am I using the TLS connection object in the wrong way? Please help.

package main

import (
    "crypto/tls"
    "log"
    "net/http"
)

func main() {
    server := &http.Server{
        Addr: ":8080",
        TLSConfig: &tls.Config{
            // Protocols offered to the client during the TLS handshake.
            NextProtos: []string{"spdy/3"},
        },
        // Called by net/http after the handshake when the negotiated
        // protocol matches one of the map keys.
        TLSNextProto: map[string]func(*http.Server, *tls.Conn, http.Handler){
            "spdy/3": func(s *http.Server, conn *tls.Conn, h http.Handler) {
                // Try to read the first byte of application data.
                buf := make([]byte, 1)
                if n, err := conn.Read(buf); err != nil {
                    log.Panicf("%v|%v\n", n, err)
                }
            },
        },
    }

    err := server.ListenAndServeTLS("/path/to/host.cert", "/path/to/host.key")
    if err != nil {
        log.Fatal(err)
    }
}

Upvotes: 3

Views: 3411

Answers (1)

Kevin Yuan

Reputation: 1028

OK. I got it. It is the certificate issue. If the certificate used by server.ListenAndServeTLS() is not signed by a CA trusted by the browser (Chrome), the connection will be reset. For creating your own CA and cert, follow http://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/

Upvotes: 2
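As an added example (not code from the question or the answer), the following wires the same TLSNextProto map into a loopback httptest server, trusts its throwaway certificate explicitly, and exercises both the successful spdy/3 negotiation and the handshake failure the answer describes when the certificate is not trusted. The names spdyHandler and roundTrip are chosen here.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// spdyHandler has the TLSNextProto signature. net/http calls it only after the TLS
// handshake succeeded and the protocol matched the map key, so Read yields app data.
func spdyHandler(_ *http.Server, conn *tls.Conn, _ http.Handler) {
	buf := make([]byte, 4096)
	if n, err := conn.Read(buf); err == nil {
		conn.Write(buf[:n]) // echo stands in for a real protocol implementation
	}
}

// roundTrip sends msg through a loopback http.Server wired like the question's, but
// with httptest's throwaway certificate instead of files on disk. With trust=false
// the client's RootCAs stays empty, reproducing the untrusted-certificate failure.
func roundTrip(msg string, trust bool) (string, string, error) {
	srv := httptest.NewUnstartedServer(nil) // no HTTP handler: only spdy/3 is served
	srv.TLS = &tls.Config{NextProtos: []string{"spdy/3"}}
	srv.Config.TLSNextProto = map[string]func(*http.Server, *tls.Conn, http.Handler){"spdy/3": spdyHandler}
	srv.StartTLS()
	defer srv.Close()
	pool := x509.NewCertPool()
	if trust {
		pool.AddCert(srv.Certificate()) // trust the test cert explicitly; never InsecureSkipVerify
	}
	cli, err := tls.Dial("tcp", srv.Listener.Addr().String(),
		&tls.Config{RootCAs: pool, NextProtos: []string{"spdy/3"}})
	if err != nil {
		return "", "", err // e.g. x509: certificate signed by unknown authority
	}
	defer cli.Close()
	cli.Write([]byte(msg)) // a write failure surfaces on the Read below
	buf := make([]byte, 4096)
	n, err := cli.Read(buf)
	if err != nil {
		return "", "", err
	}
	return cli.ConnectionState().NegotiatedProtocol, string(buf[:n]), nil
}

func main() {
	fmt.Println(roundTrip("hello spdy", true)) // spdy/3 hello spdy <nil>
}
```

With trust=false the server logs a TLS handshake error and the TLSNextProto function is never invoked, which is the behaviour the answer attributes to an untrusted certificate.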
