📝 [Proposal]: Add support for AutoTLS / ACME #3155
Description
Feature Proposal Description
Reduce the boilerplate of setting up AutoTLS / ACME by adding built-in support into Fiber. Similar to what Gin and Echo currently offer. We currently support this via a recipe, but we had users ask how to do this. Ideally we should integrate the code from the recipe into a new function under app similar to app.Listen() or app.Listener().
Alignment with Express API
N/a
HTTP RFC Standards Compliance
RFC 8555 - https://datatracker.ietf.org/doc/html/rfc8555/
API Stability
N/a
Feature Examples
We currently have a recipe for doing this:
package main
import (
"crypto/tls"
"log"
"github.com/gofiber/fiber/v2"
"golang.org/x/crypto/acme/autocert"
)
func main() {
// Fiber instance
app := fiber.New()
// Routes
app.Get("/", func(c *fiber.Ctx) error {
return c.SendString("This is a secure server 👮")
})
// Let’s Encrypt has rate limits: https://letsencrypt.org/docs/rate-limits/
// It's recommended to use it's staging environment to test the code:
// https://letsencrypt.org/docs/staging-environment/
// Certificate manager
m := &autocert.Manager{
Prompt: autocert.AcceptTOS,
// Replace with your domain
HostPolicy: autocert.HostWhitelist("example.com"),
// Folder to store the certificates
Cache: autocert.DirCache("./certs"),
}
// TLS Config
cfg := &tls.Config{
// Get Certificate from Let's Encrypt
GetCertificate: m.GetCertificate,
// By default NextProtos contains the "h2"
// This has to be removed since Fasthttp does not support HTTP/2
// Or it will cause a flood of PRI method logs
// http://webconcepts.info/concepts/http-method/PRI
NextProtos: []string{
"http/1.1", "acme-tls/1",
},
}
ln, err := tls.Listen("tcp", ":443", cfg)
if err != nil {
panic(err)
}
// Start server
log.Fatal(app.Listener(ln))
}Checklist:
- I agree to follow Fiber's Code of Conduct.
- I have searched for existing issues that describe my proposal before opening this one.
- I understand that a proposal that does not meet these guidelines may be closed without explanation.