英文:
Howto write https sever no certificate in golang?
问题
我正在尝试编写一个接受HTTPS请求但客户端没有证书的服务器逻辑,我该如何编写呢?
英文:
I am trying to write a server logic which takes 'https' request but client does not have any certificate, how do I write it?
答案1
得分: 0
Https请求需要SSL证书。你可以创建一个自签名的证书,但是对于任何准备投入生产的服务器,你应该获取一个真实有效的证书。
创建自签名证书的一种方法是:https://devcenter.heroku.com/articles/ssl-certificate-self
英文:
Https requests require SSL Certificates.. you can create a self signed one, but you should get a real, valid certificate for any production ready server.
Just 1 way to make a self signed cert: https://devcenter.heroku.com/articles/ssl-certificate-self
答案2
得分: 0
这可以根据你实际的问题有两种不同的方向。
如果你问的是如何在服务器没有证书的情况下托管https请求,那是不可能的。https请求意味着连接是由SSL/TLS加密的,这必须需要服务器证书才能正常工作。
如果你问的是如何托管https请求而不需要客户端证书,那就是另外一回事了,实际上这是http.Server的默认行为。你实际上需要设置https.Server的ClientAuth字段(例如,设置为http.RequireAndVerifyClientCert)才能要求客户端提供证书。如果你不设置这个字段,它的默认值是http.NoClientCert,允许客户端连接而不需要证书,并且即使提供了证书也不会验证。
英文:
This could go two different directions depending on what you're actually asking.
If you're asking how to host https requests without the server having a certificate, that's impossible. https requests mean that the connection is secured by SSL/TLS, which necessarily requires a server certificate to function.
If you're asking how to host https requests without requiring clients to have certificates, that's another matter, and in fact is the default behavior of the http.Server. You actually have to set the https.Server field ClientAuth (for example, to http.RequireAndVerifyClientCert) in order to actually require those certs. If you don't set this field, the default value is http.NoClientCert, which allows client connections without certificates, and doesn't validate the certs even if they are presented.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论