forked from hyperledger/besu
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[BESU-77] - Enable TLS for JSON-RPC HTTP Service (hyperledger#271)
Expose following new command line parameters to enable TLS on Ethereum JSON-RPC HTTP interface to allow clients like Ethsigner to connect via TLS --rpc-http-tls-enabled=true (Optional - Only required if --rpc-http-enabled is set to true) Set to ‘true’ to enable TLS. false by default. --rpc-http-tls-keystore-file="/path/to/cert.pfx" (Must be specified if TLS is enabled) Path to PKCS12 format key store which contains server's certificate and it's private key --rpc-http-tls-keystore-password-file="/path/to/cert.passwd" (Must be specified if TLS is enabled) Path to the text file containing password for unlocking key store. --rpc-http-tls-known-clients-file="/path/to/rpc_tls_clients.txt" (Optional) Path to a plain text file containing space separated client’s certificate’s common name and its sha-256 fingerprints when they are not signed by a known CA. The presence of this file (even empty) will enable TLS client authentication i.e. the client will present its certificate to server on TLS handshake and server will establish that the client’s certificate is either signed by a proper/known CA otherwise server trusts client's certificate by reading it's sha-256 fingerprint from known clients file specified above. The format of the file is (as an example): localhost DF:65:B8:02:08:5E:91:82:0F:91:F5:1C:96:56:92:C4:1A:F6:C6:27:FD:6C:FC:31:F2:BB:90:17:22:59:5B:50 Signed-off-by: Usman Saleem <usman@usmans.info> Signed-off-by: edwardmack <ed@edwardmack.com>
- Loading branch information
1 parent
428956a
commit adf7a38
Showing
20 changed files
with
1,084 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.