mkcert をインストール(ビルド)する

https://github.com/FiloSottile/mkcert#linux

$ sudo apt install libnss3-tools
$ git clone https://github.com/FiloSottile/mkcert && cd mkcert
$ go build -ldflags "-X main.Version=$(git describe --tags)"

mkcert で証明書とキーを作成する

$ mkcert -install
The local CA is already installed in the system trust store! 👍
The local CA is already installed in the Firefox and/or Chrome/Chromium trust store! 👍

$ mkcert -key-file key.pem -cert-file cert.pem 127.0.0.1 ::1

Created a new certificate valid for the following names 📜
 - "127.0.0.1"
 - "::1"

The certificate is at "cert.pem" and the key at "key.pem" ✅

It will expire on 18 October 2023 🗓

$ ls *.pem
cert.pem  key.pem

HTTPS サーバのサンプルコード

作成した cert.pem と key.pem のパスを http.ListenAndServeTLS に渡します。

package main

import (
    "fmt"
    "log"
    "net/http"
)

func main() {
    http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
        fmt.Fprintf(w, "Protocol: %s\n", r.Proto)
    })
    if err := http.ListenAndServeTLS(":5000", "cert.pem", "key.pem", nil); err != nil {
        log.Fatal(err)
    }
}

動作確認

$ curl https://127.0.0.1:5000
Protocol: HTTP/2.0

参考にさせていただいたサイト

• https://twitter.com/mattn_jp/status/1415859154258825216
• https://deeeet.com/writing/2015/11/19/go-http2/