beego https服务重启、多证书支持
程序员文章站
2022-07-12 21:55:40
...
app.go
type App struct {
Handlers *ControllerRegister
Server *http.Server
HttpsServer *http.Server
}
// NewApp returns a new beego application.
func NewApp() *App {
cr := NewControllerRegister()
app := &App{Handlers: cr, Server: &http.Server{},HttpsServer:&http.Server{}}
return app
}
func ListenAndServeTLSSNI() error {
addr := ":https"
certs := BConfig.Listen.Certs
BeeApp.HttpsServer = &http.Server{}
srv := BeeApp.HttpsServer
srv.Handler = BeeApp.Handlers
config := &tls.Config{}
if srv.TLSConfig != nil {
*config = *srv.TLSConfig
}
if config.NextProtos == nil {
config.NextProtos = []string{"http/1.1"}
}
var err error
config.Certificates = make([]tls.Certificate, len(certs))
for i, v := range certs {
config.Certificates[i], err = tls.LoadX509KeyPair(v.CertFile, v.KeyFile)
if err != nil {
return err
}
}
config.BuildNameToCertificate()
conn, err := net.Listen("tcp", addr)
if err != nil {
return err
}
tlsListener := tls.NewListener(conn, config)
err = srv.Serve(tlsListener)
if err!=nil {
return err
}
return nil
}
Config.go
// Listen holds for http and https related config
type Listen struct {
Graceful bool // Graceful means use graceful module to start the server
ServerTimeOut int64
ListenTCP4 bool
EnableHTTP bool
HTTPAddr string
HTTPPort int
AutoTLS bool
Domains []string
TLSCacheDir string
EnableHTTPS bool
EnableMutualHTTPS bool
HTTPSAddr string
HTTPSPort int
HTTPSCertFile string
HTTPSKeyFile string
TrustCaFile string
EnableAdmin bool
AdminAddr string
AdminPort int
EnableFcgi bool
EnableStdIo bool // EnableStdIo works with EnableFcgi Use FCGI via standard I/O
EnableCRTS bool
Certs []Certificates
}
type Certificates struct {
CertFile string
KeyFile string
}
main.go
beego.BConfig.Listen.Certs = [
{CertFile: "static/a.crt",KeyFile: "static/a.key"},
{CertFile: "static/b.crt",KeyFile: "static/b.key"},
{CertFile: "static/c.crt",KeyFile: "static/c.key"},
]
beego.Run()
//开启https 服务
beego.ListenAndServeTLSSNI();
//停止https 服务
beego.BeeApp.HttpsServer.Shutdown(nil)