If you are looking to secure your go application with an SSL certificate to protect your sensitive data and ensure encrypted communication to build user trust.
Without having an SSL certificate your application is vulnerable to cyber attacks, data interception and third-party unauthorized access.
In this article, we will take you through the step-by-step process of installing an SSL certificate on the Ubuntu server for a Go application.
Specifically, we will focus on using a certificate from Porkbun, a reliable domain and SSL provider, to enhance your application's security and encryption.
By following these steps you can guarantee a safer and more secure online experience for your users.
How to install an SSL certificate on an Ubuntu server running on a Go application
Step 1:
1: Log in to your Porkbun account and locate the SSL certificate section
2: Now you have to download the SSL certificate bundle which includes:
private.key.pem(private key)
Public.key.pem (public key)
domain.cert.pem(certificate)
Step 2: Upload the SSL files to the server
Transfer your SSL files to your Ubuntu server using SCP or SFTP
scp private.key.pem public.key.pem domain.cert.pem user@your-server:/home/user/
Move them to a secure location:
sudo mkdir -p /etc/ssl/api.example.xyz/
sudo mv private.key.pem /etc/ssl/api.example.xyz/
sudo mv public.key.pem /etc/ssl/api.example.xyz/
sudo mv domain.cert.pem /etc/ssl/api.example.xyz/
Set proper permissions:
sudo chmod 600 /etc/ssl/api.example.xyz/*
sudo chown root: root /etc/ssl/api.example.xyz/*
Step 3. Configure the Go application for HTTPS
Since our Go application runs on its own without Apache or Nginx, we need to set up TLS directly in the Go code.
package main
import (
"log"
"net/http"
)
func main() {
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("Hello, Secure API!"))
})
err := http.ListenAndServeTLS(":443",
"/etc/ssl/api.example.xyz/domain.cert.pem",
"/etc/ssl/api.example.xyz/private.key.pem",
nil)
if err != nil {
log.Fatal(err)
}
}
Step 4: Allow HTTPS in Firewall
If you’re using ufw (Uncomplicated Firewall), allow traffic on port 443 (HTTPS):
sudo ufw allow 443/tcp
sudo ufw reload
Step 5: Restart the Go Application
Run the Go application again to apply the changes:
go run main.go
Step 6: Testing your SSL Installation
You can test your SSL installation using curl:
curl -v https://api.example.xyz
Alternatively, you can use SSL installation checker tool to verify the SSL certificate is correctly installed.
Now your Go application is secured with SSL
Top comments (0)