Here is some code to redirect requests on port 80 to 443 and to serve up tls certificates using a CA like lets encrypt. I know that with lets encrypt (letsencrypt.org) you want to reference the resulting fullchain.pem file as well as the privkey.pem.
The biggest problem with self signing is that it wont be very viable in production. With golang we really configure our applications quite specifically so something simple like attaching tls certs properly is an important topic when we are ready to launch.
here some simple code I have actually used to launch a static site:
package main
import (
"net/http"
"log"
)
func redirect(w http.ResponseWriter, req *http.Request) {
// remove/add not default ports from req.Host
target := "https://" + req.Host + req.URL.Path
if len(req.URL.RawQuery) > 0 {
target += "?" + req.URL.RawQuery
}
log.Printf("redirect to: %s", target)
http.Redirect(w, req, target,
http.StatusTemporaryRedirect)
}
func main() {
//define a variable for the FileServer directory in this case ./static/
var fs = http.FileServer(http.Dir("static"))
//express the handler function
http.Handle("/", fs)
//We should redirect requests on port 80
go http.ListenAndServe(":80", http.HandlerFunc(redirect))
//finally we Listen for requests and serve them up on a specific port
http.ListenAndServeTLS(":443", "fullchain.pem", "privkey.pem", nil)
}