一般来说,我从GoDaddy获得了3个文件:
主证书文件
服务器私钥
捆绑文件
通过以下方式在Go服务器中配置了所有这些文件:
cert, err := tls.LoadX509KeyPair("myalcoholist.pem","myalcoholist.key")
if err != nil {
log.Fatalf("server: loadkeys: %s", err)
}
pem, err := ioutil.ReadFile("cert/sf_bundle-g2-g1.crt")
if err != nil {
log.Fatalf("Failed to read client certificate authority: %v", err)
}
if !certpool.AppendCertsFromPEM(pem) {
log.Fatalf("Can't parse client certificate authority")
}
tlsConfig := &tls.Config{
ClientCAs: certpool,
Certificates: []tls.Certificate{cert},
}
srv := &http.Server{
Addr: "myalcoholist.com:443",
Handler: n,
ReadTimeout: time.Duration(5) * time.Second,
WriteTimeout: time.Duration(5) * time.Second,
TLSConfig: tlsConfig,
}
err := srv.ListenAndServeTLS("cert/myalcoholist.pem","cert/myalcoholist.key")
网络服务器运行正常,当前发布在https://myalcoholist.com:443。
我使用验证了我的SSL
https://www.ssllabs.com/ssltest/analyze.html?d=myalcoholist.com,它的响应是This
server's certificate chain is incomplete. Grade capped to B.
您可以转到此链接查看所有详细结果。
我想念什么?