Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
x/crypto/acme/autocert: serve self-signed cert for localhost? #20640
Idea inspired by a mailing list post on golang-nuts,
What if the autocert package [optionally?] could serve a self-signed cert for localhost connections?
It can look at SNI "localhost" and/or the connection addr being a loopback address.
Might be nice for testing / consistency.
+1, it should make a self-signed certificate for the "localhost" or "127.x.x.x" names, as it's clear a real cert will never be obtained for them.
Note though, it should not look at the Listen address, as binding to 127.0.0.1 and then redirecting with iptables is totally fine and common.
I'm not keen on putting unicast DNS and mDNS stuff into one basket for now.