Support HTTPS #47
Comments
|
Yes of course, and there are very well known solutions when running a SaaS product. It gets really tricky when your clients are running the server on their own hardware (either an on-prem server or (even harder) their own dev laptops.) The reason is that to function, HTTPS requires a certificate. Certificates are issued for domains and then must be installed correctly. No certificate authority is going to issue a cert for "localhost" or an address on a local network. There's some workarounds like self-signed certs but supporting that is going to require you walk your customers through the process of getting that set up which is going to be a real friction point. So my recommendation is that if your clients are going to be using the system 100% on a private network (or on a single machine), we stick with http for now. I can certainly add HTTPS support to the "sass" configuration and for clients who are large enough to want encryption even on their own internal network, but that's maybe slightly further down the roadmap? |
|
Ok, these are very good points. I am going to close this for now and link this issue in the Backlog |
Obvious, so users dont have to send unencrypted packets over the wire.
More available here: https://fastapi.tiangolo.com/deployment/concepts/
The text was updated successfully, but these errors were encountered: