How to Establish HTTPS on a Go Web Server with Non-Standard Certificate Files

The provided documentation recommends concatenating three .pem files. However, if you don't have those files, here's how to set up HTTPS using the certificate files you do possess:

Combining Intermediate Certs:

While Go typically requires one concatenated certificate file, other platforms only store root certificates. To ensure compatibility, concatenate your intermediate certificates:

cat website.com.ca-crt website.com.ca-bundle > website.com.full-cert.crt

Setting Up HTTPS in Go:

Use net/http/ListenAndServeTLS to configure HTTPS:

import (
    "fmt"
    "log"
    "net/http"
)

func handler(w http.ResponseWriter, r *http.Request) {
    fmt.Fprintf(w, "Hello, %q", r.URL.Path[1:])
}

func main() {
    http.HandleFunc("/", handler)
    log.Printf("Listening on port 10443. Visit https://127.0.0.1:10443/")
    err := http.ListenAndServeTLS(":10443", "website.com.full-cert.crt", "private-key.pem", nil)
    log.Fatal(err)
}

Additional Notes:

Intermediate certificates are required to establish trust between clients and the server. Using a full certificate file ensures compatibility with all browsers and devices.

Refer to this resource for more information on combining certificates: https://kb.wisc.edu/page.php?id=18923