Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/http: Server.ListenAndServeTLS not compatible with tls.Config.GetCertificate #14268

Closed
bradfitz opened this issue Feb 8, 2016 · 1 comment
Milestone

Comments

@bradfitz
Copy link
Contributor

bradfitz commented Feb 8, 2016

@willchan noted that it's not possible to use net/http.Server.ListenAndServeTLS with a tls.Config with GetCertificate set, because Server.ListenAndServeTLS only checks len(config.Certificates) and never considers whether GetCertificate is non-nil.

This went unnoticed earlier but now everybody wants to use LetsEncrypt/TLS/http2 and LetsEncrypt gives out very quickly-expiring certificates, so the best way to use them is via TLS.Config.GetCertificate.

@bradfitz bradfitz self-assigned this Feb 8, 2016
@bradfitz bradfitz added this to the Go1.6 milestone Feb 8, 2016
@gopherbot
Copy link

CL https://golang.org/cl/19381 mentions this issue.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

2 participants