The http package with Go is cute and makes it efficient to write HTTP or HTTPS servers. To make the server certificates itself, we invoke http.ListenAndServeTLS, which requires parameters specifying a certificate file and a key file. One can use generate_cert.go in crypto/tls to generate the certificate and key; however, Web browsers will complain that your site is self-certificated (you, but not an authority, say that the site is yours). This concise post explains how to get a certificate from an authority, such as GoDaddy.com, in 15 mins. The theory behind certification and symmetric encryption is described here with pictures.