You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have a use case where we'd like to authenticate a node's gRPC interface using the same identity as the node's libp2p interface. This is currently possible by extracting the key pair from the Identity struct generated in crypto.go, however, the default certificate generated does not contain all of the fields required by 3rd party TLS implementations to verify the peer. See libp2p/go-libp2p-tls#97
Given this is not a standard use case, it may not make sense to build in special support for custom certificate options. However, we could implement that easily if the keyToCertificate method was exported along with a new method that returns the signed pkix.Extension.
The text was updated successfully, but these errors were encountered:
marten-seemann
changed the title
Allow generating TLS key pairs for use outside of libp2p
tls: allow generating TLS key pairs for use outside of libp2p
May 25, 2022
We have a use case where we'd like to authenticate a node's gRPC interface using the same identity as the node's libp2p interface. This is currently possible by extracting the key pair from the
Identity
struct generated incrypto.go
, however, the default certificate generated does not contain all of the fields required by 3rd party TLS implementations to verify the peer. See libp2p/go-libp2p-tls#97Given this is not a standard use case, it may not make sense to build in special support for custom certificate options. However, we could implement that easily if the
keyToCertificate
method was exported along with a new method that returns the signedpkix.Extension
.The text was updated successfully, but these errors were encountered: