Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(crypto): enabled the use of certificate/key pairs from disk vs. … #66

Open
wants to merge 4 commits into
base: master
Choose a base branch
from

Conversation

ArchiMoebius
Copy link

@ArchiMoebius ArchiMoebius commented May 22, 2020

enabled the use of certificate/key pairs from disk vs. just using let's encrypt - issue#20

to:
cc: @subspacecommunity/subspace-maintainers
related to:
resolves: #20

Background

Requested in #20

Changes

Testing

Steps for how this change was tested and verified

Generate a certificate/key pair in PEM format and try it out on the command line:

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem

main.go Outdated Show resolved Hide resolved
Copy link

@jack1902 jack1902 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just need to remove the os.Exit calls after a log.Fatal https://golang.org/src/log/log.go?s=10156:10184#L320

main.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
Copy link

@gavinelder gavinelder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need to do a more in-depth review locally but have addressed some initial concerns.

main.go Outdated Show resolved Hide resolved
main.go Outdated
// Plain text web server for use behind a reverse proxy.
if !letsencrypt {
if !letsencrypt && tlsCertificate == "" || tlsKey == "" {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if !letsencrypt && tlsCertificate == "" || tlsKey == "" {
if !letsencrypt || tlsCertificate == "" || tlsKey == "" {

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

when:
  le == false 
  kp == true

(!le || kp) then pass (which we don't want, correct?)

when:
  le == false 
  kp == true

(!le && cert) then fail (which is what we want, no?)

So it should stay a && and not be changed to a || - or am I missing it?

main.go Outdated Show resolved Hide resolved
main.go Outdated
Comment on lines 344 to 351
httpsd := &http.Server{
Handler: r,
Addr: httpAddr,
WriteTimeout: httpTimeout,
ReadTimeout: httpTimeout,
MaxHeaderBytes: maxHeaderBytes,
}

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need to check out the PR on my own machine but this looks like it's in the wrong place.

@ArchiMoebius
Copy link
Author

It's been a few days - any other issues which need be resolved before merging?

@dahendel
Copy link

dahendel commented Aug 9, 2021

Is there a possibility this might get merged soon?

@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@ArchiMoebius
Copy link
Author

@agonbar

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Has any thought been given to allowing standard TLS certificates
4 participants