Auto TLS

Automatic TLS certificates from Let’s Encrypt recipe for Echo

This recipe demonstrates how to obtain TLS certificates for a domain automatically from
Let’s Encrypt. Echo#StartAutoTLS accepts an address which should listen on port 443.

Browse to https://<DOMAIN>. If everything goes fine, you should see a welcome
message with TLS enabled on the website.

• For added security you should specify host policy in auto TLS manager
• Cache certificates to avoid issues with rate limits (https://letsencrypt.org/docs/rate-limits)
• To redirect HTTP traffic to HTTPS, you can use redirect middleware

Server

server.go

package main
import (
    "net/http"
    "github.com/labstack/echo"
    "github.com/labstack/echo/middleware"
    "golang.org/x/crypto/acme/autocert"
)
func main() {
    e := echo.New()
    // e.AutoTLSManager.HostPolicy = autocert.HostWhitelist("<DOMAIN>")
    // Cache certificates
    e.AutoTLSManager.Cache = autocert.DirCache("/var/www/.cache")
    e.Use(middleware.Recover())
    e.Use(middleware.Logger())
    e.GET("/", func(c echo.Context) error {
        return c.HTML(http.StatusOK, `
            <h1>Welcome to Echo!</h1>
            <h3>TLS certificates automatically installed from Let's Encrypt :)</h3>
        `)
    })
    e.Logger.Fatal(e.StartAutoTLS(":443"))
}

Source Code

Maintainers

• vishr