Maybe,

I hope you use letsencrypt auto-renew and are running this under cron.
If you don't want to add any other library, you can put it as a systemctl
service, and restart when it exits using the service. That might work.

On Tuesday, 5 November 2019 22:50:11 UTC+5:30, Michael Ellis wrote:
>
>
>         I have the code at the bottom of this message in a web server I'm 
> running in a Digital Ocean Droplet.  The app is a simple ear training 
> program for instrumentalists.  The URL is https://etudes.ellisandgrant.com.
>
>         It works with no problems until the letsencrypt certificate 
> expires every 90 days.  ListenAndServeTLS() returns an error, the program 
> exits and restarts (because I'm running under `entr -r`) and then falls 
> into the default case which is plain http service.  I'd like to prevent 
> that since modern browsers (for very good reasons) show scary warnings 
> about plain http sites.  
>
>         I don't need absolute 100% uptime for the program.  A few minutes 
> unavailability while the cert is renewed would be perfectly acceptable.  I 
> just want to add a check at the restart to detect that the cert is expired 
> and renew it automatically.  How can I do that with packages from the Go 
> standard library?  (I know Caddy is available but I'd prefer not to add a 
> third-party dependency for what seems like a relatively simple task.)
>
> <SNIP>
>     var serveSecure bool
>     var certpath, certkeypath string
>     if hostport == ":443" {
>         certpath, certkeypath, err = getCertPaths()
>         if err != nil {
>             log.Printf("Can't find SSL certificates: %v", err)
>             hostport = ":80"
>         } else {
>             // Serve TLS only when both paths were found.
>             serveSecure = true
>         }
>     }
>     log.Printf("serving on %s\n", hostport)
>     switch serveSecure {
>     case true:
>         if err := http.ListenAndServeTLS(hostport, certpath, certkeypath, nil); err != nil {
>             log.Fatalf("Could not listen on port %s : %v", hostport, err)
>         }
>     default:
>         if err := http.ListenAndServe(hostport, nil); err != nil {
>             log.Fatalf("Could not listen on port %s : %v", hostport, err)
>         }
>     }
> </SNIP>
>
> // getCertPaths attempts to retrieve a certificate and key for use with
> // ListenAndServeTLS. It returns an error if either item cannot be found but
> // does not otherwise attempt to validate them. That is left up to
> // ListenAndServeTLS.
> func getCertPaths() (certpath string, keypath string, err error) {
>     certpath = os.Getenv("IETUDE_CERT_PATH")
>     if certpath == "" {
>         err = fmt.Errorf("no environment variable IETUDE_CERT_PATH")
>         return
>     }
>     keypath = os.Getenv("IETUDE_CERTKEY_PATH")
>     if keypath == "" {
>         err = fmt.Errorf("no environment variable IETUDE_CERTKEY_PATH")
>         return
>     }
>     return
> }
>
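
The expiry check asked about above can be done with crypto/x509 and encoding/pem alone. The following is an added example, not code from the thread; certNotAfter, needsRenewal and constructedCert are hypothetical names, and the certificate is a throwaway self-signed one built in-process as sample input.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// certNotAfter returns the expiry of the first CERTIFICATE block (the leaf in a fullchain.pem).
func certNotAfter(pemData []byte) (time.Time, error) {
	for block, rest := pem.Decode(pemData); block != nil; block, rest = pem.Decode(rest) {
		if block.Type != "CERTIFICATE" {
			continue // skip keys or other PEM blocks
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return time.Time{}, err
		}
		return cert.NotAfter, nil
	}
	return time.Time{}, fmt.Errorf("no CERTIFICATE block found")
}

// needsRenewal reports whether the cert has expired or will expire within margin.
func needsRenewal(notAfter, now time.Time, margin time.Duration) bool {
	return !now.Add(margin).Before(notAfter)
}

// constructedCert builds a throwaway self-signed cert; constructed sample input only.
func constructedCert(notAfter time.Time) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: notAfter.Add(-time.Hour), NotAfter: notAfter}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), err
}

func main() {
	pemData, _ := constructedCert(time.Now().Add(-time.Hour)) // already expired
	exp, err := certNotAfter(pemData)
	fmt.Println(exp, err, needsRenewal(exp, time.Now(), 30*24*time.Hour))
}
```

In the server from the thread, the bytes read from the file named by IETUDE_CERT_PATH would go to certNotAfter before ListenAndServeTLS is called, so an expired or nearly expired certificate can trigger renewal instead of a fallback to port 80.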
