英文:
SSL with GoLang using reverse proxy Nginx
问题
我目前正在编写一个 GoLang 网站,希望尽快添加 SSL。我的问题是,使用内置的 Golang SSL 包有什么优缺点,或者我是否可以只使用 nginx 来进行反向代理时进行 SSL?
英文:
I am currently writing a GoLang website and would like to add SSL soon. My question is what are the advantages/disadvantages of using the built-in Golang SSL packages or should/can I just do SSL with the nginx when I use it for the reverse proxy?
答案1
得分: 6
这是翻译好的内容:
最终决定权在你手中,但是nginx的SSL配置非常灵活、经过实战验证且性能出色。
- nginx可以提供SSL会话缓存以提升性能 -
ssl_session_cache - 良好的密码兼容性
- 我相信nginx的SSL实现比Go的更快(更高的请求数/秒和更低的CPU使用率),但我自己没有进行过测试。考虑到nginx项目的成熟度,这并不令人意外。
- 其他好处包括对代理和静态内容的响应缓存。
当然,缺点是它是另一个需要配置的组件。然而,如果你已经计划使用nginx作为反向代理,我建议你也将其用于SSL。
英文:
It is ultimately up to you, but nginx's SSL configuration is extremely configurable, battle-tested and performant.
- nginx can provide an SSL session cache to boost performance -
ssl_session_cache - Good cipher compatibility
- I believe that nginx's SSL implementation is faster (more req/s and less CPU) than Go's, but have not tested this myself. This would not be surprising given maturity of the nginx project.
- Other benefits like response caching for both proxied and static content.
The downside, of course, is that it's another moving part that requires configuration. If you are already planning to use nginx as a reverse proxy however I would use it for SSL as well.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论