Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support TLS in ApiServer #1565

Merged
merged 2 commits into from
Sep 21, 2018
Merged

Support TLS in ApiServer #1565

merged 2 commits into from
Sep 21, 2018

Conversation

hashmap
Copy link
Contributor

@hashmap hashmap commented Sep 20, 2018

This is a ground work to support TLS in Grin APIs (like wallet or node). Particular API implementation needs to decide if TLS is used or not and pass certificate data etc.

  • P12 format support
  • New method to start TLS server
  • Transparent TLS support in API client (depends on URL scheme http/https)
  • Refactoring
  • Initial support for graceful shutdown (commented out int this PR, unstable for now)
  • API server tests (TLS server test is disabled by default, hyper client rejects self-signed certificates, so extra step is needed to install local CA (I used mkcert)

@hashmap
Support TLS in ApiServer
8a7d580 
This is ground work to support TLS in Grin APIs (like wallet ot node). Particular API implemention needs to decide if TLS is used or not and pass certificate data etc.

* P12 format support
* New method to start TLS server
* Transparent TLS support in API client (depends on URL scheme http/https)
* Refactoring
* Initial support for graceful shutdown (commentred out int this PR, unstable for now)
* API server tests (TLS server test is disabled by default, hyper client rejects self-signed certificates, so extra step is needed to install local CA (I used mkcert)
@hashmap
Add a cert file to make test complile
57e3013
@hashmap
Copy link
Contributor Author

hashmap commented Sep 21, 2018

Merging after discussing in gitter

@hashmap hashmap merged commit 972c2e5 into mimblewimble:master Sep 21, 2018
@hashmap hashmap deleted the tls-api branch September 21, 2018 11:33
@0xmichalis
Copy link
Contributor

Is there any documentation on how to use this? Do I need to do anything config-wise or will a new node use it by default?

@quentinlesceller
Copy link
Member

@Kargakis Next PR from HashMap should enable this functionality.

@hashmap
Copy link
Contributor Author

hashmap commented Sep 21, 2018

@Kargakis There will be for sure. This PR doesn't introduce TLS support for node nor wallet, just enables it on the low level. Next pr(s) will add options to configure it and enable in user facing APIs. TLS will be optional because it requires extra steps which are not feasible for some users, like getting a certificate and domain name (or getting a cert for IP, which is also problematic)

@garyyu garyyu mentioned this pull request Sep 24, 2018
Closed
@antiochp antiochp mentioned this pull request Jan 14, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hashmap @0xmichalis @quentinlesceller