2 godlighty -- highly-customizable HTTP, HTTP/2, HTTPS server
3 Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, version 3 of the License.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
// HostToCertificate maps a host name to the TLS certificate served for it.
// LoadCertificates fills it from Hosts and GetCertificate reads it using the
// ServerName from the ClientHello.
// NOTE(review): no locking is visible in this listing; if LoadCertificates can
// run while handshakes are in progress, the map would be read and written
// concurrently. Confirm it is only called before the listener starts.
29 var HostToCertificate map[string]*tls.Certificate
// GetCertificate looks up the certificate for a handshake by the client's
// SNI value (chi.ServerName) in HostToCertificate. Its signature matches the
// tls.Config.GetCertificate callback.
//
// The lookup is an exact match on the map key, so a ClientHello without SNI
// (empty ServerName) or with a name that is not a key finds nothing.
// NOTE(review): confirm the keys of Hosts are written in the same form the
// client sends (for example lower-case), since no normalisation is done here.
// NOTE(review): when installed as the tls.Config callback, a non-nil error
// fails the handshake instead of falling back to another certificate.
31 func GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
32 cert := HostToCertificate[chi.ServerName]
// Listing lines 33 and 35-37 are not shown here; presumably this error is
// returned only when the lookup above found no entry. Confirm against the
// full file.
34 return nil, errors.New("no certificate found")
// LoadCertificates rebuilds HostToCertificate from Hosts. For each host it
// loads the key pair named by cfg.TLS.Cert and cfg.TLS.Key and, when
// cfg.TLS.CACert is set, appends one certificate from that file to the chain.
// The visible failure paths call log.Fatalln, which terminates the process.
// Listing lines 42-44, 46-48, 51-53, 55, 57, 60 and 62 are not shown here.
39 func LoadCertificates() {
// The global is pointed at a fresh, empty map before the loop fills it, so a
// reader running at the same time could observe a partly filled map.
40 HostToCertificate = make(map[string]*tls.Certificate, len(Hosts))
41 for host, cfg := range Hosts {
// Reads and parses the certificate and private key files.
// NOTE(review): nothing visible here checks the key file's permissions.
45 cert, err := tls.LoadX509KeyPair(cfg.TLS.Cert, cfg.TLS.Key)
49 if cfg.TLS.CACert != "" {
// NOTE(review): ioutil.ReadFile is deprecated since Go 1.16 in favour of
// os.ReadFile.
50 data, err := ioutil.ReadFile(cfg.TLS.CACert)
// Only the first PEM block is decoded; the remainder returned by pem.Decode
// is discarded, so further certificates in the same file are ignored.
54 block, _ := pem.Decode(data)
56 log.Fatalln(fmt.Errorf("no PEM found: %s", cfg.TLS.CACert))
// Rejects a first block of any other type (for example a private key).
58 if block.Type != "CERTIFICATE" {
59 log.Fatalln(fmt.Errorf("non CERTIFICATE: %s", cfg.TLS.CACert))
// The DER bytes are appended to the chain sent to clients without being
// parsed as X.509 in the visible lines, so a malformed CA file is not
// detected at this point.
61 cert.Certificate = append(cert.Certificate, block.Bytes)
// cert is declared with := inside the loop body, so each host stores a
// pointer to its own tls.Certificate value.
63 HostToCertificate[host] = &cert