* 新增支持自定义上传证书功能

* 新增支持申请和自动续期Let's Encrypt证书（暂只支持阿里云和腾讯云）功能 * 新增支持动态加载证书（更换证书不需重启）功能
2025-08-08 13:09:04 +08:00 · 2023-03-31 20:34:29 +08:00
parent df52087473
commit 9bac773961
9 changed files with 554 additions and 39 deletions
--- a/server/handler/server.go
+++ b/server/handler/server.go
@@ -48,6 +48,13 @@ func startTls() {
 		NextProtos:   []string{"http/1.1"},
 		MinVersion:   tls.VersionTLS12,
 		CipherSuites: selectedCipherSuites,
+		GetCertificate: func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
+			cert, err := tls.LoadX509KeyPair(base.Cfg.CertFile, base.Cfg.CertKey)
+			if err != nil {
+				return nil, err
+			}
+			return &cert, nil
+		},
 		// InsecureSkipVerify: true,
 	}
 	srv := &http.Server{
@@ -71,7 +78,7 @@ func startTls() {
 	}

 	base.Info("listen server", addr)
-	err = srv.ServeTLS(ln, base.Cfg.CertFile, base.Cfg.CertKey)
+	err = srv.ServeTLS(ln, "", "")
 	if err != nil {
 		base.Fatal(err)
 	}