Hello :)
How can i add the following
cfg := &tls.Config{
MinVersion: tls.VersionTLS12,
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
PreferServerCipherSuites: true,
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
},
}
into
// ...
var f fasthttp.Server
f.Handler = tls
if err := f.ListenAndServeTLS(":443", "fullchain.pem", "privkey.pem"); err != nil {
// ...
}
// ...
func tls(ctx *fasthttp.RequestCtx) {
// ...
}
Please help.
Thank you very much
@erikdubbelboer do you have a chance to help me? :)
For custom tls options you will have to create your own tls listener and use fasthttp.Server.Serve instead. Here is an example:
cfg := &tls.Config{
MinVersion: tls.VersionTLS12,
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
PreferServerCipherSuites: true,
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
},
}
cert, err := tls.LoadX509KeyPair("fullchain.pem", "privkey.pem")
if err != nil {
// ...
}
cfg.Certificates = append(cfg.Certificates, cert)
cfg.BuildNameToCertificate()
ln, err := net.Listen("tcp4", "0.0.0.0:443")
if err != nil {
// ...
}
tln := tls.NewListener(ln, cfg)
var f fasthttp.Server
f.Handler = tls
if err := f.Serve(tln); err != nil {
// ...
}
Most helpful comment
For custom tls options you will have to create your own tls listener and use
fasthttp.Server.Serveinstead. Here is an example: