I am attempting to create a secure websocket in go and libp2p but get an error saying tls.config required
node, err = libp2p.New(
libp2p.Identity(privateKey),
libp2p.DefaultSecurity,
libp2p.ListenAddrStrings(ip6ws, ip4ws),
)
cannot listen on wss address /ip4/0.0.0.0/tcp/8001/wss without a tls.Config
For anyone else looking for help I figured it out!
Self signed this is using Go ‘crypto/tls’
// GenX509KeyPair generates the TLS keypair for the server
func GenX509KeyPair() (tls.Certificate, error) {
now := time.Now()
template := &x509.Certificate{
SerialNumber: big.NewInt(now.Unix()),
Subject: pkix.Name{
CommonName: "quickserve.example.com",
Country: []string{"USA"},
Organization: []string{"example.com"},
OrganizationalUnit: []string{"quickserve"},
},
NotBefore: now,
NotAfter: now.AddDate(0, 0, 1), // Valid for one day
SubjectKeyId: []byte{113, 117, 105, 99, 107, 115, 101, 114, 118, 101},
BasicConstraintsValid: true,
IsCA: true,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
KeyUsage: x509.KeyUsageKeyEncipherment |
x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
}
priv, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return tls.Certificate{}, err
}
cert, err := x509.CreateCertificate(rand.Reader, template, template,
priv.Public(), priv)
if err != nil {
return tls.Certificate{}, err
}
var outCert tls.Certificate
outCert.Certificate = append(outCert.Certificate, cert)
outCert.PrivateKey = priv
return outCert, nil
}
cer, err := GenX509KeyPair() // Or tls.LoadX509KeyPair("server.crt", "server.key")
if err != nil {
log.Println(err)
return
}
config := &tls.Config{Certificates: []tls.Certificate{cer}}
node, err = libp2p.New(
libp2p.Transport(ws.New, ws.WithTLSConfig(config)),
libp2p.ListenAddrStrings(addrz...), // fmt.Sprintf("/ip6/::/tcp/%d/wss", port),
)