On 28/07/16 09:13, viridian....@gmail.com wrote:
> I have a few questions
> 1. Is there a Java keystore equivalent in golang?

There is no built-in secrecy management for your TLS private key in the standard library.
The private key is stored in: https://golang.org/pkg/crypto/rsa/#PrivateKey
Trusted certificates are stored in https://golang.org/pkg/crypto/x509/#CertPool


> 2. http.ListenAndServeTLS expects .pem files as input and .pem is in
> plain text and easily readable and I don't want that. Is it possible to
> have files in .der or any other encrypted format passed to
> http.ListenAndServeTLS? If so, how?

Not using the standard library.


> 3. If I must use .pem files as input to http.ListenAndServeTLS, how do I
> secure them?

If you can't have any non-Go dependency, you'd probably have to implement the decryption yourself at the moment ("security is hard to get right" notwithstanding).

If external dependencies were ok, you could:
- Call the openssl command line using os/exec.
- Use a cgo binding to the openssl libraries.

Alternatively, when trying to secure a server-server channel, I prefer putting everything inside a firewall/VLAN.



--
You received this message because you are subscribed to the Google
Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to golang-nuts+unsubscr...@googlegroups.com
<mailto:golang-nuts+unsubscr...@googlegroups.com>.
For more options, visit https://groups.google.com/d/optout.
