Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
net/http: Server.ListenAndServeTLS not compatible with tls.Config.GetCertificate #14268
@willchan noted that it's not possible to use net/http.Server.ListenAndServeTLS with a tls.Config with GetCertificate set, because Server.ListenAndServeTLS only checks len(config.Certificates) and never considers whether GetCertificate is non-nil.
This went unnoticed earlier but now everybody wants to use LetsEncrypt/TLS/http2 and LetsEncrypt gives out very quickly-expiring certificates, so the best way to use them is via TLS.Config.GetCertificate.