issue: fixed labstack#755 (labstack#758)

Signed-off-by: Vishal Rana <[email protected]>
Noki · Dec 2, 2016 · 8d504c1 · 8d504c1
1 parent 7311000
commit 8d504c1
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 48 deletions.
diff --git a/echo.go b/echo.go
@@ -52,8 +52,8 @@ import (
 
 	"github.com/labstack/gommon/color"
 	glog "github.com/labstack/gommon/log"
-	"github.com/rsc/letsencrypt"
 	"github.com/tylerb/graceful"
+	"golang.org/x/crypto/acme/autocert"
 )
 
 type (
@@ -64,12 +64,12 @@ type (
 		HTTPErrorHandler
 		Binder          Binder
 		Renderer        Renderer
+		AutoTLSManager  autocert.Manager
 		ShutdownTimeout time.Duration
 		Color           *color.Color
 		Logger          Logger
 		server          *graceful.Server
 		tlsServer       *graceful.Server
-		tlsManager      letsencrypt.Manager
 		premiddleware   []MiddlewareFunc
 		middleware      []MiddlewareFunc
 		maxParam        *int
@@ -236,6 +236,9 @@ var (
 // New creates an instance of Echo.
 func New() (e *Echo) {
 	e = &Echo{
+		AutoTLSManager: autocert.Manager{
+			Prompt: autocert.AcceptTOS,
+		},
 		ShutdownTimeout: 15 * time.Second,
 		Logger:          glog.New("echo"),
 		maxParam:        new(int),
@@ -520,13 +523,9 @@ func (e *Echo) StartTLS(address string, certFile, keyFile string) (err error) {
 }
 
 // StartAutoTLS starts the HTTPS server using certificates automatically from https://letsencrypt.org.
-func (e *Echo) StartAutoTLS(address string, hosts []string, cacheFile string) (err error) {
+func (e *Echo) StartAutoTLS(address string) error {
 	config := new(tls.Config)
-	config.GetCertificate = e.tlsManager.GetCertificate
-	e.tlsManager.SetHosts(hosts) // Added security
-	if err = e.tlsManager.CacheFile(cacheFile); err != nil {
-		return
-	}
+	config.GetCertificate = e.AutoTLSManager.GetCertificate
 	return e.startTLS(address, config)
 }
 

diff --git a/glide.lock b/glide.lock
diff --git a/glide.yaml b/glide.yaml
@@ -10,9 +10,11 @@ import:
   - log
   - random
 - package: github.com/mattn/go-isatty
-- package: github.com/rsc/letsencrypt
 - package: github.com/tylerb/graceful
 - package: github.com/valyala/fasttemplate
+- package: golang.org/x/crypto
+  subpackages:
+  - acme/autocert
 - package: golang.org/x/net
   subpackages:
   - websocket

diff --git a/recipe/auto-tls/server.go b/recipe/auto-tls/server.go
@@ -9,6 +9,7 @@ import (
 
 func main() {
 	e := echo.New()
+	// e.AutoTLSManager.HostPolicy = autocert.HostWhitelist("<your_domain>")
 	e.Use(middleware.Recover())
 	e.Use(middleware.Logger())
 	e.GET("/", func(c echo.Context) error {
@@ -17,5 +18,5 @@ func main() {
 			<h3>TLS certificates automatically installed from Let's Encrypt :)</h3>
 		`)
 	})
-	e.StartAutoTLS(":443", []string{"<your_domain>"}, "le.cache")
+	e.StartAutoTLS(":443")
 }
diff --git a/website/content/recipes/auto-tls.md b/website/content/recipes/auto-tls.md
@@ -8,13 +8,14 @@ description = "Automatic TLS certificates from Let's Encrypt example for Echo"
 +++
 
 This recipe shows how to obtain TLS certificates for a domain automatically from
-Let's Encrypt. `Echo#StartAutoTLS` accepts address which should listen on port `443`,
-list of host names for security and a file path to cache the certificates. 
+Let's Encrypt. `Echo#StartAutoTLS` accepts an address which should listen on port `443`.
 
-Browse to https://<your_domain>. If everything goes fine, you should see a welcome
+Browse to `https://<your_domain>`. If everything goes fine, you should see a welcome
 message with TLS enabled on the website.
 
-> To redirect HTTP traffic to HTTPS, you can use [redirect middleware](/middleware/redirect#https-redirect)
+> 
+- For added security you should specify host policy in auto TLS manage
+- To redirect HTTP traffic to HTTPS, you can use [redirect middleware](/middleware/redirect#https-redirect)
 
 ## Server