- Your server must be reachable through the provided domain name, this is how LetsEncrypt verifies domain ownership and grants your server a trusted certificate
ss, err := sslmgr.NewSecureServer(handler, "yourhostname.com")
if err != nil {
log.Fatal(err)
}
ss.ListenAndServe()
Note: This option uses the file system as the certificate cache. If your use case does not have a persistent file system, you should provide a value for CertCache in the ServerConfig as shown below.
(Using the certcache library to define a cache)
ss, err := sslmgr.NewServer(sslmgr.ServerConfig{
Hostnames: []string{os.Getenv("CN_FOR_CERTIFICATE")},
HTTPPort: ":80",
HTTPSPort: ":443",
Handler: h,
ServeSSLFunc: func() bool {
return strings.ToLower(os.Getenv("PROD")) == "true"
},
CertCache: certcache.NewLayered(
certcache.NewLogger(),
autocert.DirCache("."),
),
ReadTimeout: 5 * time.Second,
WriteTimeout: 5 * time.Second,
IdleTimeout: 25 * time.Second,
GracefulnessTimeout: 5 * time.Second,
GracefulShutdownErrHandler: func(e error) {
log.Fatal(e)
},
})
if err != nil {
log.Fatal(err)
}
ss.ListenAndServe()