Go实现tls的通信的简单代码例子

1、创建本地证书和秘钥，创建脚本如下

#!/bin/bashmkdir certsrm -rf  certs/*echo "make server cert"openssl req -new -nodes -x509 -out certs/server.pem -keyout certs/server.key -days 3650 -subj "/C=DE/ST=NRW/L=Earth/O=Random Company/OU=IT/CN=www.random.com/emailAddress=921586520@qq.com"

2、server端（sever.go文件内容如下）

package mainimport(   "bufio"   "crypto/tls"   "log"   "net")func main() {    cert, err := tls.LoadX509KeyPair("certs/server.pem","certs/server.key")    if err !=nil{        log.Println(err)        return    }    config := &tls.Config{Certificates: []tls.Certificate{cert}}    ln, err := tls.Listen("tcp",":443", config)    if err !=nil{       log.Println(err)        return    }    defer ln.Close()    for{       conn, err := ln.Accept()       if err !=nil{          log.Println(err)          continue       }       go handleConn(conn)    }}func handleConn(conn net.Conn) {    defer conn.Close()    r := bufio.NewReader(conn)    for{   msg, err := r.ReadString('\n')      if err !=nil{          log.Println(err)          return      }      println(msg)      n, err := conn.Write([]byte("world\n"))      if err !=nil {         log.Println(n, err)         return      }   }}

3、Client端（client.go代码如下）

package mainimport(   "crypto/tls"   "log")func main() {    conf := &tls.Config{       InsecureSkipVerify: true,    }   conn, err := tls.Dial("tcp","127.0.0.1:443", conf)   if err !=nil{     log.Println(err)     return   }   defer conn.Close()   n, err := conn.Write([]byte("hello\n"))   if err !=nil{      log.Println(n, err)      return   }   buf := make([]byte,100)   n, err = conn.Read(buf)   if err !=nil{     log.Println(n, err)     return    }   println(string(buf[:n]))}

4、分别运行客户端和服务器，观察实验结果

root@docker1:/home/docker/xu/go-pro/tls# go run server.go hello

root@docker1:/home/docker/xu/go-pro/tls# go run client.go world

5、实验结束