Index: app.go IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- app.go (date 1532101275000) +++ app.go (date 1532105406000) @@ -30,6 +30,7 @@ "github.com/astaxie/beego/grace" "github.com/astaxie/beego/logs" "github.com/astaxie/beego/utils" + "golang.org/x/crypto/acme/autocert" ) var ( @@ -125,7 +126,18 @@ server := grace.NewServer(httpsAddr, app.Handlers) server.Server.ReadTimeout = app.Server.ReadTimeout server.Server.WriteTimeout = app.Server.WriteTimeout - if BConfig.Listen.EnableMutualHTTPS { + if BConfig.Listen.AutoTLS { + m := autocert.Manager{ + Prompt: autocert.AcceptTOS, + HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...), + Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir), + } + + app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate} + + BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", "" + + } else if BConfig.Listen.EnableMutualHTTPS { if err := server.ListenAndServeMutualTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile, BConfig.Listen.TrustCaFile); err != nil { logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid())) 
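Review bot: Placing `AutoTLS` ahead of `EnableMutualHTTPS` in one `if … else if` chain means a configuration with both flags set serves TLS without ever asking for a client certificate, and nothing tells the operator; the normal-mode hunk at `@@ -162,16 +174,28 @@` has the same chain and skips building the `ClientCAs` pool. Either refuse the combination at startup, for example `logs.Critical("AutoTLS cannot be combined with EnableMutualHTTPS")`, or apply the client-certificate settings to the same `tls.Config` that carries `GetCertificate`. In this graceful-mode branch the config is also assigned to `app.Server.TLSConfig`, while the listener is the separate `server` returned by `grace.NewServer`, so `GetCertificate` probably never reaches it; `server.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}` looks like what was meant. The rest of the chain lies outside the hunk, so whether the AutoTLS branch goes on to start a listener cannot be confirmed from here.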
@@ -162,16 +174,28 @@ // run normal mode if BConfig.Listen.EnableHTTPS || BConfig.Listen.EnableMutualHTTPS { + go func() { time.Sleep(1000 * time.Microsecond) if BConfig.Listen.HTTPSPort != 0 { app.Server.Addr = fmt.Sprintf("%s:%d", BConfig.Listen.HTTPSAddr, BConfig.Listen.HTTPSPort) } else if BConfig.Listen.EnableHTTP { - BeeLogger.Info("Start https server error, conflict with http.Please reset https port") + BeeLogger.Info("Start https server error, conflict with http. Please reset https port") return } logs.Info("https server Running on https://%s", app.Server.Addr) - if BConfig.Listen.EnableMutualHTTPS { + if BConfig.Listen.AutoTLS { + m := autocert.Manager{ + Prompt: autocert.AcceptTOS, + HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...), + Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir), + } + + app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate} + + BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", "" + + } else if BConfig.Listen.EnableMutualHTTPS { pool := x509.NewCertPool() data, err := ioutil.ReadFile(BConfig.Listen.TrustCaFile) if err != nil { @@ -190,6 +214,7 @@ endRunning <- true } }() + } if BConfig.Listen.EnableHTTP { go func() { Index: controller.go IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- controller.go (date 1532101275000) +++ controller.go (date 1532105474000) @@ -36,7 +36,7 @@ const ( applicationJSON = "application/json" applicationXML = "application/xml" - applicationYAML = "application/x-yaml" + applicationYAML = "application/x-yaml" textXML = "text/xml" ) Index: config.go IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- config.go (date 1532101275000) +++ config.go (date 1532105364000) 
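Review bot: The hand-built `&tls.Config{GetCertificate: m.GetCertificate}` in the AutoTLS branch carries no ALPN entry for the ACME TLS challenge and sets no `MinVersion`, so issuance over port 443 may not complete and the protocol floor is left to the Go default. Current autocert offers `m.TLSConfig()`, which returns a config already wired for `GetCertificate` and the challenge protocol; `app.Server.TLSConfig = m.TLSConfig()` followed by an explicit `MinVersion` would be less to get wrong. The same three-field `autocert.Manager` literal is repeated in the graceful-mode hunk, and a small shared helper would keep the two copies from drifting apart. The enclosing function continues outside this hunk.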
@@ -55,6 +55,9 @@ EnableHTTP bool HTTPAddr string HTTPPort int + AutoTLS bool + Domains []string + TLSCacheDir string EnableHTTPS bool EnableMutualHTTPS bool HTTPSAddr string @@ -209,6 +212,9 @@ ServerTimeOut: 0, ListenTCP4: false, EnableHTTP: true, + AutoTLS: false, + Domains: []string{}, + TLSCacheDir: ".", HTTPAddr: "", HTTPPort: 8080, EnableHTTPS: false,
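Review bot: The default `TLSCacheDir: "."` makes `autocert.DirCache` write the ACME account key and the private keys of issued certificates into whatever directory the process was started from, which for a web application is often the project root with its existing, possibly broad, permissions. A dedicated directory readable only by the service user is a safer default, and an empty default with a startup check when `AutoTLS` is true would force an explicit choice. The three new `Listen` fields also have no comments; something like `// TLSCacheDir is where autocert stores private keys and certificates; keep it out of served and version-controlled paths` would help. With `Domains: []string{}` the host whitelist is empty, so it is worth documenting that AutoTLS will presumably issue nothing until domains are configured.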