package main
import (
"crypto/tls"
"crypto/x509"
"fmt"
"io"
"io/ioutil"
"log"
"net/http"
)
// helloServer handles GET /hello: it logs that the endpoint was hit and
// replies with a fixed plain-text greeting.
//
// The handler performs no authentication of its own. It relies entirely on
// whatever the TLS layer in front of it has already enforced.
func helloServer(w http.ResponseWriter, req *http.Request) {
	const greeting = "hello, world!\n"

	log.Println("MASSL Server - /hello called")

	// Best-effort write: a failure here means the client went away, and
	// there is nothing useful left to send it.
	_, _ = io.WriteString(w, greeting)
}
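// fileNotFoundServer is the catch-all handler for every path without a more
// specific route. It logs the miss and answers with a real 404 status.
//
// Fixes over the previous version:
//   - the response used to be sent with the default 200 status, so clients
//     and monitoring saw a success for unknown paths;
//   - the body ran "404" and the path together ("404/foo not found");
//   - the request path was logged raw. req.URL.Path is already
//     percent-decoded, so it can contain CR/LF and let a client forge extra
//     log lines. It is now logged with %q.
func fileNotFoundServer(w http.ResponseWriter, req *http.Request) {
	log.Printf("404: %q not found", req.URL.Path)

	// http.Error sets the status code, forces Content-Type to text/plain and
	// adds X-Content-Type-Options: nosniff, so the reflected path is never
	// interpreted as markup by a browser.
	http.Error(w, fmt.Sprintf("404 %s not found", req.URL.Path), http.StatusNotFound)
}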
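// main starts an HTTPS server on :8080 that requires mutual TLS: a client
// must present a certificate that chains to a CA in ca.pem before any
// handler runs. The server's own identity is loaded from server-cert.pem
// and server-key.pem in the working directory.
//
// NOTE(review): any certificate issued by a CA in ca.pem is accepted; the
// handlers do no per-identity authorization (they never inspect req.TLS).
// NOTE(review): no Read/Write/Idle timeouts are set on the http.Server, so
// slow or stalled connections are not bounded — consider adding them.
func main() {
	http.HandleFunc("/hello", helloServer)
	http.HandleFunc("/", fileNotFoundServer)

	caCert, err := ioutil.ReadFile("ca.pem")
	if err != nil {
		log.Fatal(err)
	}

	// AppendCertsFromPEM reports false when no certificate could be parsed.
	// Without this check an empty pool would reject every client at
	// handshake time with no hint that ca.pem was the cause.
	caCertPool := x509.NewCertPool()
	if !caCertPool.AppendCertsFromPEM(caCert) {
		log.Fatal("ca.pem: no CA certificates could be parsed")
	}

	// Server-side TLS settings (client-certificate verification).
	tlsConfig := &tls.Config{
		ClientCAs: caCertPool,
		// ClientAuth policies, weakest to strictest:
		//   NoClientCert
		//   RequestClientCert
		//   RequireAnyClientCert
		//   VerifyClientCertIfGiven
		//   RequireAndVerifyClientCert
		ClientAuth: tls.RequireAndVerifyClientCert,
		// Pin the floor explicitly rather than relying on the toolchain's
		// default minimum protocol version.
		MinVersion: tls.VersionTLS12,
	}
	// The deprecated tlsConfig.BuildNameToCertificate() call was dropped:
	// Certificates is empty at this point, so it had nothing to index.

	server := &http.Server{
		Addr:      ":8080",
		TLSConfig: tlsConfig,
	}

	log.Println("MASSL Server Listening on port 8080")
	log.Println("")
	log.Println("curl --cacert ca.pem -E ./client.p12:password -v https://localhost:8080/hello")

	// ListenAndServeTLS only returns on failure (missing key pair, port in
	// use, ...). Previously that error was discarded and the process exited
	// silently with status 0.
	log.Fatal(server.ListenAndServeTLS("server-cert.pem", "server-key.pem")) // server's own cert and private key
}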