Golang has some TLS configurations available to use such as cipher suites and curve preferences (https://golang.org/src/crypto/tls/common.go?s=9735:14940#L263). Can I use those configuration in fasthttp server?
+1
Did you find a solution to it?
Here is an example on how to create an HTTPS server with a custom configuration:
cfg := &tls.Config{
MinVersion: tls.VersionSSL30,
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256, tls.X25519},
PreferServerCipherSuites: true,
SessionTicketsDisabled: true,
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
},
}
cert, err := tls.LoadX509KeyPair("example.com.pem", "example.com.key")
if err != nil {
panic(err)
}
cfg.Certificates = append(cfg.Certificates, cert)
cert, err = tls.LoadX509KeyPair("foo.com.pem", "foo.com.key")
if err != nil {
panic(err)
}
cfg.Certificates = append(cfg.Certificates, cert)
cfg.BuildNameToCertificate()
tmpLn, err := net.Listen("tcp4", "0.0.0.0:443")
if err != nil {
panic(err)
}
ln := tls.NewListener(tmpLn, cfg)
s := &fasthttp.Server{
Handler: handler,
ReadTimeout: time.Second,
}
if err := s.Serve(ln); err != nil {
panic(err)
}
Most helpful comment
Here is an example on how to create an HTTPS server with a custom configuration: