Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS support #4

Open
pukkatea opened this issue Mar 24, 2017 · 0 comments
Open

TLS support #4

pukkatea opened this issue Mar 24, 2017 · 0 comments
Assignees
@pukkatea

Comments

@pukkatea
Copy link
Contributor

In order to be able to support TLS certificates on vhosts, some things need to be handled:

  1. One can opt to bring their own certificate (wildcard cert) and store it in their /certs folder
  2. One can opt to have a Let's encrypt cert generated for their main domain and aliases.

In the first case we only need to check wether the cert is locates at the correct location before the user can hit the 'enable SSL' button. The user needs to be able to have their cert re-processed by the webserver (eg reload).

In the second case, there are a few things to take care of.

  • We need to loop through all the hosts that have aliases and get all hosts.
  • Once we have all the domains for a certificate, we need to check which ones pin to the server we're currently executing the code on.
  • Generate certificates for all 'valid' domains

When renewing one of these Let's encrypt certificates, we'll need to check for errors on domains which might not be pointing to the server we're currently executing the code on any longer.

Oh and we also need to reload the webserver afterwards 😄
@pukkatea pukkatea self-assigned this Mar 24, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pukkatea pukkatea

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pukkatea