@lthibault
Created August 18, 2018 21:28
H2QUIC TLS
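// GenerateTLSConfig builds a throwaway TLS configuration around a freshly
// generated RSA key and a self-signed certificate that is valid for ten years.
//
// It panics if key generation, serial-number generation, certificate creation
// or key-pair loading fails.
//
// Security notes:
//   - The certificate is signed with its own key and carries no subject, SANs
//     or key usages, so a verifying peer cannot chain it to a trust store or
//     match it to a host name.
//   - The returned config sets InsecureSkipVerify. When the config is used on
//     the client side, the server's certificate chain and host name are not
//     checked, so the connection is encrypted but not authenticated. Keep this
//     to local testing; for anything else, distribute the certificate (or a CA)
//     to clients through RootCAs and drop InsecureSkipVerify.
func GenerateTLSConfig() *tls.Config {
	// 1024-bit RSA is no longer considered adequate; 2048 bits is the usual
	// minimum for new keys.
	const rsaKeyBits = 2048

	key, err := rsa.GenerateKey(rand.Reader, rsaKeyBits)
	if err != nil {
		panic(err)
	}

	// Random 128-bit serial number (a real certificate authority would have
	// some logic behind this).
	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
	if err != nil {
		panic("failed to generate serial number: " + err.Error())
	}

	// Take a single timestamp so NotBefore and NotAfter are exactly ten years
	// apart.
	now := time.Now()
	template := x509.Certificate{
		SerialNumber: serialNumber,
		// SignatureAlgorithm: x509.ECDSAWithSHA512,
		NotBefore:             now,
		NotAfter:              now.Add(time.Hour * 87600), // in 10 years
		BasicConstraintsValid: true,
	}

	// The template is passed as both certificate and parent: self-signed.
	certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}

	// Round-trip through PEM so tls.X509KeyPair can pair the key and the
	// certificate. The private key only ever lives in memory.
	keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)})
	certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER})
	tlsCert, err := tls.X509KeyPair(certPEM, keyPEM)
	if err != nil {
		panic(err)
	}

	// SECURITY: InsecureSkipVerify disables peer certificate verification for
	// client use of this config; see the function comment.
	return &tls.Config{Certificates: []tls.Certificate{tlsCert}, InsecureSkipVerify: true}
}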
// HTTP-over-QUIC client and server. Both are wired to the same TLS
// configuration, cert, which is not defined in this snippet (presumably the
// *tls.Config returned by GenerateTLSConfig; confirm at its definition).
var (
	// c sends its requests through an h2quic round tripper.
	// NOTE(review): if cert has InsecureSkipVerify set, this client accepts
	// any server certificate without verifying it.
	c = &http.Client{
		Transport: &h2quic.RoundTripper{
			TLSClientConfig: cert,
		},
	}

	// server is configured for address ":9001"; its Handler is left unset
	// (the assignment below is commented out).
	server = h2quic.Server{
		Server: &http.Server{
			Addr:      ":9001",
			TLSConfig: cert,
			// Handler: http.HandlerFunc(handle),
		},
	}
)