not use selfsigned certs

Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>

http.go

@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"crypto/tls"
 	"errors"
+	"fmt"
 	"io"
 	"io/ioutil"
 	"net"
@@ -14,10 +15,8 @@ import (
 	"time"
 
 	"github.com/unistack-org/micro/v3/network/transport"
-	maddr "github.com/unistack-org/micro/v3/util/addr"
 	"github.com/unistack-org/micro/v3/util/buf"
 	mnet "github.com/unistack-org/micro/v3/util/net"
-	mls "github.com/unistack-org/micro/v3/util/tls"
 	"golang.org/x/net/http2"
 	"golang.org/x/net/http2/h2c"
 )
@@ -533,30 +532,11 @@ func (h *httpTransport) Listen(addr string, opts ...transport.ListenOption) (tra
 	var err error
 
 	// TODO: support use of listen options
-	if h.opts.Secure || h.opts.TLSConfig != nil {
+	if h.opts.Secure && h.opts.TLSConfig == nil {
-		config := h.opts.TLSConfig
+		return nil, fmt.Errorf("request secure communication, but *tls.Config is nil")
-
+	} else if h.opts.Secure && h.opts.TLSConfig != nil {
 		fn := func(addr string) (net.Listener, error) {
-			if config == nil {
+			return tls.Listen("tcp", addr, h.opts.TLSConfig)
-				hosts := []string{addr}
-
-				// check if its a valid host:port
-				if host, _, err := net.SplitHostPort(addr); err == nil {
-					if len(host) == 0 {
-						hosts = maddr.IPs()
-					} else {
-						hosts = []string{host}
-					}
-				}
-
-				// generate a certificate
-				cert, err := mls.Certificate(hosts...)
-				if err != nil {
-					return nil, err
-				}
-				config = &tls.Config{Certificates: []tls.Certificate{cert}}
-			}
-			return tls.Listen("tcp", addr, config)
 		}
 
 		l, err = mnet.Listen(addr, fn)