StartTLS starts the given Handler with an HTTPS server. If `certFile` or `keyFile` is a `string`, the value is treated as a file path. If `certFile` or `keyFile` is a `[]byte`, the value is used as the certificate or key content as-is.
(ctx stdContext.Context, h http.Handler, certFile, keyFile any)
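// StartTLS starts the given Handler with an HTTPS server.
// If `certFile` or `keyFile` is `string` the values are treated as file paths.
// If `certFile` or `keyFile` is `[]byte` the values are treated as the certificate or key as-is.
//
// sc.CertFilesystem is handed to filepathOrContent together with each value;
// when it is nil, os.DirFS(".") is used instead, so string paths are presumably
// resolved relative to the process working directory (confirm against
// filepathOrContent, which is defined elsewhere).
//
// When sc.TLSConfig is nil, a default config with MinVersion TLS 1.2 and the
// "h2" ALPN protocol is used. A caller-supplied TLSConfig is used as given,
// except that Certificates is replaced with the key pair loaded here; this
// method does not check or raise its MinVersion or other settings, so callers
// passing their own config remain responsible for them.
//
// The caller's *tls.Config is cloned before Certificates is set, so a config
// shared by several StartConfig values (or servers) is never modified and does
// not end up carrying another server's private key.
func (sc StartConfig) StartTLS(ctx stdContext.Context, h http.Handler, certFile, keyFile any) error {
	certFs := sc.CertFilesystem
	if certFs == nil {
		certFs = os.DirFS(".")
	}

	cert, err := filepathOrContent(certFile, certFs)
	if err != nil {
		return err
	}
	key, err := filepathOrContent(keyFile, certFs)
	if err != nil {
		return err
	}

	// X509KeyPair also verifies that the private key matches the certificate.
	cer, err := tls.X509KeyPair(cert, key)
	if err != nil {
		return err
	}

	var tlsConfig *tls.Config
	if sc.TLSConfig == nil {
		tlsConfig = &tls.Config{
			MinVersion: tls.VersionTLS12,
			NextProtos: []string{"h2"},
			//NextProtos: []string{"http/1.1"}, // Disallow "h2", allow http
		}
	} else {
		// sc is a value receiver, but TLSConfig is a pointer: writing through it
		// would overwrite Certificates in the caller's own config. Work on a copy.
		tlsConfig = sc.TLSConfig.Clone()
	}
	tlsConfig.Certificates = []tls.Certificate{cer}
	sc.TLSConfig = tlsConfig

	return sc.start(ctx, h)
}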
| 98 | |
| 99 | // start starts handler with HTTP(s) server. |
| 100 | func (sc StartConfig) start(ctx stdContext.Context, h http.Handler) error { |