Support HTTPS by default

Question

Support HTTPS by default

evanmcclure opened this issue 5 years ago · 3 comments

Support HTTPS by default, to maintain best practices in delivering cloud-native applications.

Answer 1 · 2020-06-16T20:02:40.000Z

Here is a list of flags I propose adding to the servers in order to support TLS.

-address - changes the bind address. The default is "0.0.0.0:1987".
-tls-disable - specifies that TLS is disabled. TLS is enabled by default.
-tls-cert-file - specifies the path of the TLS certificate file. A custom CA certificate may be used by concatenating it to the primary certificate. The default path will be the common system cert path + "/spago.crt".
-tls-key-file - specifies the path to private key for the certificate. The default path will be the common system cert path + "/spago.key".

The command docker build will generate and package a key and self-signed certificate by default, as part of the Docker container image.

Users running the servers from the command line must pass in the flag -tls-disable because there won't be any certificates available in the repository.

Answer 2 · 2020-06-17T14:42:28.000Z

@evanmcclure, I'm all for it!

Before making a pull request, would you like to rebase on the main? The server has been slightly changed here #21.

Answer 3 · 2020-06-17T15:04:40.000Z

👍

…

On Wed, Jun 17, 2020 at 7:42 AM Matteo Grella ***@***.***> wrote: @evanmcclure <https://github.com/evanmcclure>, I'm all for it! Before making a pull request, would you like to rebase on the main? The server has been slightly changed here #21 <#21>. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#19 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AACKLGHL3X42IHMY4TCUF43RXDI6HANCNFSM4N7ZPWGA> .