一般来说,我从 GoDaddy 获得了 3 个文件:
- 主证书文件
- 服务器私钥
- 捆绑文件
通过以下方式在我的 Go 服务器中配置了所有这些文件:
cert, err := tls.LoadX509KeyPair("myalcoholist.pem","myalcoholist.key")
if err != nil {
log.Fatalf("server: loadkeys: %s", err)
}
pem, err := ioutil.ReadFile("cert/sf_bundle-g2-g1.crt")
if err != nil {
log.Fatalf("Failed to read client certificate authority: %v", err)
}
if !certpool.AppendCertsFromPEM(pem) {
log.Fatalf("Can't parse client certificate authority")
}
tlsConfig := &tls.Config{
ClientCAs: certpool,
Certificates: []tls.Certificate{cert},
}
srv := &http.Server{
Addr: "myalcoholist.com:443",
Handler: n,
ReadTimeout: time.Duration(5) * time.Second,
WriteTimeout: time.Duration(5) * time.Second,
TLSConfig: tlsConfig,
}
err := srv.ListenAndServeTLS("cert/myalcoholist.pem","cert/myalcoholist.key")
网络服务器运行正常,目前发布于https://myalcoholist.com:443
.
我使用以下方法验证了我的 SSLhttps://www.ssllabs.com/ssltest/analyze.html?d=myalcoholist.com
它的回应是This server's certificate chain is incomplete. Grade capped to B.
您可以访问此链接查看所有详细结果。
我缺少什么?