Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom SSL certificates for HTTPS #1084

Open
nadavgolden opened this issue Apr 11, 2021 · 5 comments
Open

Custom SSL certificates for HTTPS #1084

nadavgolden opened this issue Apr 11, 2021 · 5 comments
Labels
good first issue help wanted

Comments

@nadavgolden
Copy link

@nadavgolden nadavgolden commented Apr 11, 2021

🚀 Feature

Enable having custom certificates from a local CA server instead of Certbot.

Have you spent some time to check if this issue has been raised before?

Searched documentation and issues history here, didn't find any similar issues.
Read some of the source code and available config flags, didn't see any that are relevant.
Went to the source code and it seems like Certbot is the only option.

Have you read the Code of Conduct?

Yes.

Pitch

In my specific case I have an offline environment with no access to Let's Encrypt's servers.
Also, we use a custom CA for our servers so I'd rather use our own than using Let's Encrypt.

Please enlighten me if there is a way to configure Certbot (or AppWrite) to use custom certificates.
@nadavgolden
Copy link
Author

@nadavgolden nadavgolden commented Apr 11, 2021

I guess you can use a reverse proxy with a custom certificate so that:
AppWrite (self-signed)<- nginx (trust insecure upstream connection; use custom certificate) <- client (HTTPS)
But I'd like to avoid it

@eldadfux
Copy link
Member

@eldadfux eldadfux commented Apr 11, 2021

I guess you can use a reverse proxy with a custom certificate so that:
AppWrite (self-signed)<- nginx (trust insecure upstream connection; use custom certificate) <- client (HTTPS)
But I'd like to avoid it

Agree, this can be a great solution. You can also use the Traefik container to set custom certificates like explained here:
https://medium.com/@clintcolding/use-your-own-certificates-with-traefik-a31d785a6441

@eldadfux eldadfux added good first issue help wanted labels May 27, 2021
@eldadfux
Copy link
Member

@eldadfux eldadfux commented May 27, 2021

We would love help with this issue. All required is to add env vars that will allow our Swoole HTTP server to pick SSL certs from a specific location without having to rely on Traefik for SSL.

@HariniKrishnan
Copy link

@HariniKrishnan HariniKrishnan commented Oct 1, 2021
edited

hi can I work on this issue?! @eldadfux

@davedawkins
Copy link

@davedawkins davedawkins commented Oct 22, 2021

Would the resolution of this issue allow me to use certificates I already have installed on my server? I've installed AppWrite on abc.dev, and assigned it ports 8585 (http) & 8543 (https). (On this server, AppWrite cannot have port 80 unless I route "/v1/..."). Because it's ".dev", the self-signed certificate isn't accepted by the browser. I was wondering if I could copy the certificates used by the main website into the AppWrite server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue help wanted
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
@davedawkins @eldadfux @HariniKrishnan @nadavgolden