{"id":28347305,"url":"https://github.com/luizhlelis/go-lang-https-self-signed","last_synced_at":"2025-07-29T15:10:35.126Z","repository":{"id":57557663,"uuid":"320862262","full_name":"luizhlelis/go-lang-https-self-signed","owner":"luizhlelis","description":"Sample of a self signed certificate https server in golang. This repo demonstrates to you the best way to up your self signed cert in golang. It shows in a simple way how to generate and trust the ssl certificate and how to serve a https server in golang.","archived":false,"fork":false,"pushed_at":"2023-02-08T02:10:39.000Z","size":393,"stargazers_count":15,"open_issues_count":0,"forks_count":8,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-06-30T11:03:15.939Z","etag":null,"topics":["golang","https","https-server","ssl","ssl-certificates","tls","tls-certificate"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/luizhlelis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-12T15:31:24.000Z","updated_at":"2025-02-09T20:06:50.000Z","dependencies_parsed_at":"2024-06-20T08:01:08.909Z","dependency_job_id":"59e44af5-0359-41a2-ab11-534ade8f1244","html_url":"https://github.com/luizhlelis/go-lang-https-self-signed","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/luizhlelis/go-lang-https-self-signed","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/luizhlelis%2Fgo-lang-https-self-signed","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/luizhlelis%2Fgo-lang-https-self-signed/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/luizhlelis%2Fgo-lang-https-self-signed/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/luizhlelis%2Fgo-lang-https-self-signed/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/luizhlelis","download_url":"https://codeload.github.com/luizhlelis/go-lang-https-self-signed/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/luizhlelis%2Fgo-lang-https-self-signed/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267706281,"owners_count":24131097,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-29T02:00:12.549Z","response_time":2574,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","https","https-server","ssl","ssl-certificates","tls","tls-certificate"],"created_at":"2025-05-27T15:46:09.242Z","updated_at":"2025-07-29T15:10:35.084Z","avatar_url":"https://github.com/luizhlelis.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Building a self signed certificate https server in golang\n\nThis repository will be useful to you if you want to create a self signed server in `golang`. The client is only an `ash` file which runs `curls` to get `https` server home page after trusted its certificate.\n\n## Running the project\n\nTo up the client and server containers, run the command below:\n\n``` bash\ndocker-compose up\n```\n\n## Server\n\nThe command above will firstly up the server container and will run an ash file called `generate-certificate.sh` that generates a `servercert.key` file which is the private key and `servercert.csr` which is the certificate signing request (CSR) that contains the public key. The `CN` passed in `-subj` is the most important field because some browsers like chrome require that information. `CN` means Common Name and it's the domain name that you would like to have SSL secured. Then, the certificate file will be generated, this file named `servercert.crt` is generated by the last command in the `ash` and it's the self-signed certificate signed by your own `servercert.key` private key. The `x509` flag states the standard format of an SSL/TLS certificate which is `X.509`. Finally, the `https` server will go up because of the `go run main.go` command.\n\nIn the `main.go` file we used the cert and the key to serve the `https` self signed server:\n\n``` go\nfunc handleRequests() {\n\n  tlsCert := os.Getenv(\"tls-certificate\")\n  tlsKey := os.Getenv(\"tls-key\")\n  serverPort := os.Getenv(\"server-port\")\n\n  router := mux.NewRouter().StrictSlash(true)\n  controllers.HandleHomeRoutes(router, \"https\")\n\n  log.Fatal(http.ListenAndServeTLS(serverPort, tlsCert, tlsKey, router))\n}\n```\n\nand in the `.env` file we declare the cert and key places in the folder hierarchy:\n\n``` env\ntls-certificate=\"certificates/servercert.crt\"\ntls-key=\"servercert.key\"\n```\n\n## Client\n\nThe client container has a volume where the server certificate was genereted: `./server/certificates:/certificates`. The reason is because the client needs to trust that certificate to make `https` calls and aply the `TLS` protocol with the two way handshake. That trust was made with the command `update-ca-certificates` when we run `trust-server-certificate.sh`, than we can call the `https` server normally, in the present example we use `curl` calls in the `get-server-home.sh` file.\n\n## Running only the server with a client running locally\n\nTo up only the server, run the command below:\n\n``` bash\ndocker-compose up server\n```\n\nthan you can run your `https` calls to the server locally. But before, you need to trust the server certificate, if you're using a linux OS, trust the server with the commands described in the `trust-server-certificate.sh` file. Otherwise, follow the steps below:\n\n[Mac Os](https://tosbourn.com/getting-os-x-to-trust-self-signed-ssl-certificates/)\n\n[Windows](https://superuser.com/questions/370217/trust-ssl-certificate-to-local-system-account)\n\n[Linux](https://unix.stackexchange.com/questions/90450/adding-a-self-signed-certificate-to-the-trusted-list)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fluizhlelis%2Fgo-lang-https-self-signed","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fluizhlelis%2Fgo-lang-https-self-signed","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fluizhlelis%2Fgo-lang-https-self-signed/lists"}