-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature Request] TLS and Lets Encrypt Support #28
Comments
In the meantime, for easy TLS, use Caddy with:
Run your chisel server on port 4444. Point |
You need to add a keywork "websocket" in your Caddyfile. |
Thanks, updated above |
TLS with lets encrypt support is now built into chisel, please test |
I want to support manual TLS with certs and automatic with Let's Encrypt (see acmewrapper. However, this would require a
tls.json
file (or a set of files) to store TLS state, and with Let's Encrypt you'd also need to specify a hostname and you'd be restricted to port 80/443. All of this adds complexity so, I ended up leaving TLS support out for now. Since the SSH protocol is already performing full authentication and encryption, I see TLS as an optional nice to have.Encrypting the keys using the server key then storing them encrypted out in the open, in a public database somewhere might work... First I'd need to use a proper PBKDF for the server key.
Please mention any comments/ideas you have below
The text was updated successfully, but these errors were encountered: