在Heroku服务器上部署Golang Martini框架的HTTPS服务。

huangapple go评论89阅读模式
英文:

Deploy golang martini HTTPS on Heroku server

问题

我正在尝试在Heroku上部署一个使用Golang-martini的HTTPS网站。

以下是我已经完成的步骤:

  • 我已经在Heroku上启用了SSL端点(这是一个付费插件服务)。

  • 我已经购买了CA证书密钥,并且可以在Heroku上部署。所以,heroku certs显示如下:(注意:公司名称/端点地址已更改)


    Endpoint || Common Name(s) || Expires || Trusted


    xxx.herokussl.com || server.sample.com || 2016-05-25 23:59 UTC || True

这是我的Golang代码示例:

m := martini.Classic()
martini.Env = martini.Prod
m.Use(secure.Secure(secure.Options{
    SSLRedirect: false,
}))

//因为我想保持HTTP和HTTPS都可用。
go func() {
    if err := http.ListenAndServe(":"+os.Getenv("PORT"), m); err != nil {
        log.Println(err)
    }
}()

// HTTPS:
if err := http.ListenAndServeTLS(":443", "server.crt", "server.key", m); err != nil {
    log.Println(err)
}

以下是我的问题:

  • 如果我将ListenAndServeTLS端口设置为8443(或其他端口),当我尝试使用curl -vI https://server.sample.com进行测试时,会显示错误:

    "curl: (60) SSL certificate problem: Invalid certificate chain"

  • 如果我将ListenAndServeTLS端口设置为443,会显示:

    "listen tcp :443: bind: permission denied"

请指导我如何在Heroku上使用Go-martini部署HTTPS网站,谢谢。

英文:

I am trying to deploy an HTTPS web side on Heroku using Golang-martini.

Here is the list I already done:

  • I already enable SSL endpoint in Heroku. (it is paid plugin services)

  • I already purchase my CA certificate key and it could be deploy Heroku. So, heroku certs shows: (note: the company name/endpoint address change)


    Endpoint || Common Name(s) || Expires || Trusted


    xxx.herokussl.com || server.sample.com || 2016-05-25 23:59 UTC || True

And here is my code sample in Golang.

m := martini.Classic()
martini.Env = martini.Prod
m.Use(secure.Secure(secure.Options{
	SSLRedirect: false,
}))


//Because I want to keep HTTP and HTTPs enable.
go func() {
	if err := http.ListenAndServe(":"+os.Getenv("PORT"), m); err != nil {
		log.Println(err)
	}
}()

// HTTPS: 
if err := http.ListenAndServeTLS(":443", "server.crt", "server.key", m); err != nil {
	log.Println(err)
}

Here are the my Questions:

  • If I set the ListenAndServeTLS port in 8443 (or something else) it will show error when I trying to test with curl -vI https://server.sample.com. It will show error as:

    "curl: (60) SSL certificate problem: Invalid certificate chain"

  • If I set the ListenAndServeTLS port to 443, it will show:

    "listen tcp :443: bind: permission denied"

Please advise how I deploy HTTPs with Go-martini on Heroku, thanks..

答案1

得分: 3

如果你将应用部署到Heroku上,它将不会提供HTTPS服务。SSL连接将在Heroku的负载均衡器上终止,并且纯HTTP流量将被转发到你的应用程序。

所以你只需要在环境中监听HTTP端口即可。

英文:

Your app won't serve HTTPS if you are deploying to Heroku. The SSL connection will be terminated at the load balancers of Heroku and plain HTTP traffic will be forwarded to your application.

So all you have to do is to listen on HTTP on the Port from the environment.

huangapple
  • 本文由 发表于 2015年5月28日 16:40:56
  • 转载请务必保留本文链接:https://go.coder-hub.com/30501388.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定