Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/http: Server.ListenAndServeTLS not compatible with tls.Config.GetCertificate #14268

Closed
bradfitz opened this issue Feb 8, 2016 · 1 comment

Comments

Projects
None yet
2 participants
@bradfitz
Copy link
Member

commented Feb 8, 2016

@willchan noted that it's not possible to use net/http.Server.ListenAndServeTLS with a tls.Config with GetCertificate set, because Server.ListenAndServeTLS only checks len(config.Certificates) and never considers whether GetCertificate is non-nil.

This went unnoticed earlier but now everybody wants to use LetsEncrypt/TLS/http2 and LetsEncrypt gives out very quickly-expiring certificates, so the best way to use them is via TLS.Config.GetCertificate.

@bradfitz bradfitz self-assigned this Feb 8, 2016

@bradfitz bradfitz added this to the Go1.6 milestone Feb 8, 2016

@gopherbot

This comment has been minimized.

Copy link

commented Feb 9, 2016

CL https://golang.org/cl/19381 mentions this issue.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.