Generating private keys

Before we do anything, we need to generate a key and a certificate. Go actually has a pretty awesome utility that can generate keys and certificates for us just in Go, but, before we look at that, let's take a look at how we would traditionally generate a certificate using openssl:

openssl genrsa -aes256 -out key.pem 4096  

This will generate a key in PEM format, which uses the RSA algorithm with a 4096 bit size; the key will be encrypted using the aes256 format, and will prompt you for a password. However, we also need an X.509 certificate that will be used with this key; to generate this, we can again use openssl and execute the following command:

openssl req -new -x509 -sha256 -key key.pem -out certificate.pem -days ...

Get Building Microservices with Go now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.