Sling Academy
Home/Golang/Securing HTTP Servers in Go with HTTPS and Certificates

Securing HTTP Servers in Go with HTTPS and Certificates

Last updated: November 27, 2024

Table of Contents

  1. Introduction
  2. Prerequisites
  3. Setting Up an HTTP Server in Go
  4. Moving from HTTP to HTTPS
    1. Generating a Self-signed TLS Certificate
    2. Integrating HTTPS into the Go Server
  5. Conclusion

Introduction

In today's internet-driven world, ensuring secure communication via web servers is critical. In this guide, we'll focus on securing HTTP servers written in the Go programming language by utilizing HTTPS and certificates.

Prerequisites

  • Basic understanding of Go programming language
  • Go environment setup on your machine

Setting Up an HTTP Server in Go

Before we dive into HTTPS, let's set up a basic HTTP server using Go. This will be our starting point.


package main

import (
    "fmt"
    "net/http"
)

func handler(w http.ResponseWriter, r *http.Request) {
    fmt.Fprintf(w, "Hello, this is an HTTP server!")
}

func main() {
    http.HandleFunc("/", handler)
    http.ListenAndServe(":8080", nil)
}

With this simple code snippet, you've initiated an HTTP server running on port 8080.

Moving from HTTP to HTTPS

To secure our server with HTTPS, we need to perform a few additional steps, including obtaining a TLS certificate.

Generating a Self-signed TLS Certificate

For development or testing purposes, you might choose to generate a self-signed certificate. Be aware that self-signed certificates are not trusted by default browsers and must be used cautively.


$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt

Running the above command will produce a server.key (private key) and server.crt (certificate) for use in your server configuration.

Integrating HTTPS into the Go Server

Next, let's modify our server code to utilize HTTPS with the TLS certificate.


package main

import (
    "fmt"
    "net/http"
)

func handler(w http.ResponseWriter, r *http.Request) {
    fmt.Fprintf(w, "Hello, this is an HTTPS server!")
}

func main() {
    http.HandleFunc("/", handler)
    err := http.ListenAndServeTLS(":443", "server.crt", "server.key", nil)
    if err != nil {
        fmt.Println("Error starting server:", err)
        return
    }
}

This modification uses the http.ListenAndServeTLS function, which listens for HTTPS connections on port 443 by default, utilizing our self-signed certificate.

Conclusion

You've successfully converted a basic HTTP server into a secure HTTPS server in Go using self-signed certificates. In production environments, always acquire certificates from certificate authorities to ensure that your server is trusted by clients.

Next Article: Creating WebSocket Servers in Go

Previous Article: Using Middleware to Extend Go HTTP Servers

Series: Networking and Server

Golang

Related Articles

How to set up and run Go in Ubuntu

How to set up and run Go in Ubuntu

November 20, 2024

You May Also Like

  • How to remove HTML tags in a string in Go
  • How to remove special characters in a string in Go
  • How to remove consecutive whitespace in a string in Go
  • How to count words and characters in a string in Go
  • Relative imports in Go: Tutorial & Examples
  • How to run Python code with Go
  • How to generate slug from title in Go
  • How to create an XML sitemap in Go
  • How to redirect in Go (301, 302, etc)
  • Using Go with MongoDB: CRUD example
  • Auto deploy Go apps with CI/ CD and GitHub Actions
  • Fixing Go error: method redeclared with different receiver type
  • Fixing Go error: copy argument must have slice type
  • Fixing Go error: attempted to use nil slice
  • Fixing Go error: assignment to constant variable
  • Fixing Go error: cannot compare X (type Y) with Z (type W)
  • Fixing Go error: method has pointer receiver, not called with pointer
  • Fixing Go error: assignment mismatch: X variables but Y values
  • Fixing Go error: array index must be non-negative integer constant