HTTPS serves mux for all domainNames using the HTTP and HTTPS ports, redirecting all HTTP requests to HTTPS. It uses the Default config and a background context. This high-level convenience function is opinionated and applies sane defaults for production use, including timeouts for HTTP requests an
(domainNames []string, mux http.Handler)
| 71 | // Calling this function signifies your acceptance to |
| 72 | // the CA's Subscriber Agreement and/or Terms of Service. |
| 73 | func HTTPS(domainNames []string, mux http.Handler) error { |
| 74 | ctx := context.Background() |
| 75 | |
| 76 | if mux == nil { |
| 77 | mux = http.DefaultServeMux |
| 78 | } |
| 79 | |
| 80 | DefaultACME.Agreed = true |
| 81 | cfg := NewDefault() |
| 82 | |
| 83 | err := cfg.ManageSync(ctx, domainNames) |
| 84 | if err != nil { |
| 85 | return err |
| 86 | } |
| 87 | |
| 88 | httpWg.Add(1) |
| 89 | defer httpWg.Done() |
| 90 | |
| 91 | // if we haven't made listeners yet, do so now, |
| 92 | // and clean them up when all servers are done |
| 93 | lnMu.Lock() |
| 94 | if httpLn == nil && httpsLn == nil { |
| 95 | httpLn, err = net.Listen("tcp", fmt.Sprintf(":%d", HTTPPort)) |
| 96 | if err != nil { |
| 97 | lnMu.Unlock() |
| 98 | return err |
| 99 | } |
| 100 | |
| 101 | tlsConfig := cfg.TLSConfig() |
| 102 | tlsConfig.NextProtos = append([]string{"h2", "http/1.1"}, tlsConfig.NextProtos...) |
| 103 | |
| 104 | httpsLn, err = tls.Listen("tcp", fmt.Sprintf(":%d", HTTPSPort), tlsConfig) |
| 105 | if err != nil { |
| 106 | httpLn.Close() |
| 107 | httpLn = nil |
| 108 | lnMu.Unlock() |
| 109 | return err |
| 110 | } |
| 111 | |
| 112 | go func() { |
| 113 | httpWg.Wait() |
| 114 | lnMu.Lock() |
| 115 | httpLn.Close() |
| 116 | httpsLn.Close() |
| 117 | lnMu.Unlock() |
| 118 | }() |
| 119 | } |
| 120 | hln, hsln := httpLn, httpsLn |
| 121 | lnMu.Unlock() |
| 122 | |
| 123 | // create HTTP/S servers that are configured |
| 124 | // with sane default timeouts and appropriate |
| 125 | // handlers (the HTTP server solves the HTTP |
| 126 | // challenge and issues redirects to HTTPS, |
| 127 | // while the HTTPS server simply serves the |
| 128 | // user's handler) |
| 129 | httpServer := &http.Server{ |
| 130 | ReadHeaderTimeout: 5 * time.Second, |