Go语言TLS/SSL:HTTPS安全通信
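// Go TLS/SSL: secure HTTPS communication
//
// 1. TLS overview
//
// TLS (Transport Layer Security) provides encryption, authentication and
// integrity protection for network communication. The Go standard library
// provides complete TLS support.
//
// 2. TLS server implementation

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"math/big"
	"net"
	"net/http"
	"time"
)

// GenerateSelfSignedCertificate creates a fresh 2048-bit RSA key and a
// self-signed server certificate valid for one year from the time of the call.
//
// The key pair exists only in memory, so every call (and every process start)
// yields a different certificate. No CA vouches for it: a client can
// authenticate the server only if this exact certificate is distributed to it
// out of band. Use a CA-issued certificate for anything beyond local testing.
//
// It returns the zero tls.Certificate and the underlying error if key
// generation, serial generation, certificate creation or PEM parsing fails.
func GenerateSelfSignedCertificate() (tls.Certificate, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return tls.Certificate{}, err
	}

	// A constant serial number makes every generated certificate share the
	// same issuer/serial pair, which breaks tooling that identifies
	// certificates by that pair. Draw 128 random bits instead.
	serialLimit := new(big.Int).Lsh(big.NewInt(1), 128)
	serial, err := rand.Int(rand.Reader, serialLimit)
	if err != nil {
		return tls.Certificate{}, err
	}

	now := time.Now()
	template := &x509.Certificate{
		SerialNumber: serial,
		Subject: pkix.Name{
			Organization: []string{"Example"},
		},
		NotBefore:             now,
		NotAfter:              now.Add(time.Hour * 24 * 365),
		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
		// This is a leaf server certificate, so it must not claim CA
		// authority: a client that trusts it should not thereby accept
		// other certificates signed with the same key.
		IsCA: false,
		// Hostname verification uses subject alternative names. Without
		// them every verifying client rejects the certificate, which
		// tends to push users toward disabling verification altogether.
		// Only loopback names are covered; a server reached under any
		// other name needs a certificate issued for that name.
		DNSNames:    []string{"localhost"},
		IPAddresses: []net.IP{net.IPv4(127, 0, 0, 1), net.IPv6loopback},
	}

	// Self-signed: the template is both subject and issuer.
	certDER, err := x509.CreateCertificate(rand.Reader, template, template, &priv.PublicKey, priv)
	if err != nil {
		return tls.Certificate{}, err
	}

	certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER})
	keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})

	return tls.X509KeyPair(certPEM, keyPEM)
}

// NewTLSServer returns an *http.Server for addr and handler that is configured
// with a freshly generated self-signed certificate and refuses protocol
// versions below TLS 1.2.
//
// The server is not started. Because the certificate is already in TLSConfig,
// the caller starts it with srv.ListenAndServeTLS("", "").
//
// It returns a nil server and the error if certificate generation fails.
func NewTLSServer(addr string, handler http.Handler) (*http.Server, error) {
	cert, err := GenerateSelfSignedCertificate()
	if err != nil {
		return nil, err
	}

	tlsConfig := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS12,
	}

	return &http.Server{
		Addr:      addr,
		Handler:   handler,
		TLSConfig: tlsConfig,
		// Bound the time a client may take to send request headers so that
		// slow or stalled connections cannot be held open indefinitely.
		ReadHeaderTimeout: 10 * time.Second,
	}, nil
}

// 3. Summary
//
// The Go standard library provides complete TLS support, making it easy to
// implement HTTPS servers and secure communication.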