Go(golang)で自己署名証明書を使って SSL/TLS 通信を行います。


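証明書は自己署名で作成したものです。Let's Encrypt の証明書は無料で発行され、多くの大手ベンダーでサポートされています。ただし、これは単なる例であり、証明書の有効性や発行元の権威性の検証は扱いません。このためクライアント側のコードは InsecureSkipVerify: true でサーバ証明書の検証を無効にしており、接続先の真正性は確認されません。実運用ではこの設定を外し、自己署名証明書を RootCAs に登録して検証を有効にしてください。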
サーバ側
package main

import (
	"crypto/rand"
	"crypto/tls"
	"fmt"
	"log"
	"net"
	"time"
)

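// HandleClientConnect serves one accepted connection: it prints every chunk
// the peer sends and writes the chunk back prefixed with " :", until a read
// or write fails. The connection is closed when the function returns.
//
// No read deadline is set, so an idle peer keeps this goroutine and its
// buffer alive until it disconnects.
func HandleClientConnect(conn net.Conn) {
	defer conn.Close()
	fmt.Println("Receive Connect Request From ", conn.RemoteAddr().String())
	buffer := make([]byte, 1024)
	for {
		// Named n so the builtin len is not shadowed inside the loop.
		n, err := conn.Read(buffer)
		if err != nil {
			// A normal close by the peer (EOF) is logged here as well.
			log.Println(err.Error())
			break
		}
		// %q instead of %s: the payload comes from the network peer, and
		// quoting keeps control characters in it from reaching the terminal.
		fmt.Printf("Receive Data: %q\n", string(buffer[:n]))
		// Echo the chunk back to the client.
		_, err = conn.Write([]byte(" :" + string(buffer[:n])))
		if err != nil {
			break
		}
	}
	fmt.Println("Client " + conn.RemoteAddr().String() + " Connection Closed.....")
}

// main loads the server key pair from server.crt / server.key, listens for
// TLS connections on localhost:8888 and serves each accepted connection in
// its own goroutine.
func main() {
	crt, err := tls.LoadX509KeyPair("server.crt", "server.key")
	if err != nil {
		log.Fatalln(err.Error())
	}
	tlsConfig := &tls.Config{
		Certificates: []tls.Certificate{crt},
		// Refuse TLS 1.0/1.1 regardless of the toolchain's default minimum.
		MinVersion: tls.VersionTLS12,
		// Time supplies the current time; if it is nil, TLS uses time.Now.
		Time: time.Now,
		// Rand provides the source of entropy for nonces and RSA blinding.
		// If Rand is nil, TLS uses the cryptographic random reader in package
		// crypto/rand. The Reader must be safe for use by multiple goroutines.
		Rand: rand.Reader,
	}
	l, err := tls.Listen("tcp", "localhost:8888", tlsConfig)
	if err != nil {
		log.Fatalln(err.Error())
	}
	for {
		conn, err := l.Accept()
		if err != nil {
			fmt.Println(err.Error())
			continue
		}
		// The TLS handshake runs lazily on the first Read inside the handler,
		// so a failed handshake shows up there as a read error.
		go HandleClientConnect(conn)
	}
}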
クライアント
package main

import (
	"crypto/tls"
	"fmt"
	"io"
	"time"
	"log"
)

func main() {
	//                 
	tlsConfig := &tls.Config{InsecureSkipVerify: true}
	conn, err := tls.Dial("tcp", "localhost:8888", tlsConfig)
	if err != nil {
		log.Fatalln(err.Error())
	}
	defer conn.Close()
	log.Println("Client Connect To ", conn.RemoteAddr())
	status := conn.ConnectionState()
	fmt.Printf("%#v
", status) buf := make([]byte, 1024) ticker := time.NewTicker(1 * time.Millisecond * 500) for { select { case