Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

certmagic.SelfSignedCA as certmagic.CA value #27

Open
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
3 participants
@mschneider82
Copy link

commented Mar 1, 2019

introduced: certmagic.SelfSignedCA as possible certmagic.CA value to create a self-signed certificate with HTTPS()

implemented a prototype for idea in #25

@mschneider82 mschneider82 force-pushed the mschneider82:feature/CASelfSinged branch from cc0bf0c to 2c5a754 Mar 1, 2019

@mrg0lden

This comment has been minimized.

Copy link

commented Apr 22, 2019

@mholt will this PR get some love?

@mholt

This comment has been minimized.

Copy link
Owner

commented Apr 22, 2019

Perhaps. At a glance, this approach has at least one significant downside: self-signed certificates can't actually be managed; i.e. there is no way to renew them. 10-year lifetime is not exactly a good idea in many situations, and a better approach would be to create a single CA from which all other certs are self-signed.

I'm currently refactoring how CertMagic manages certificates, which has strong implications about how self-signed certificates are handled. The Manager interface recently introduced on master should make it possible to implement a SelfSigned certificate manager. But whether that ends up in this repo is still an open question. If the implementation is good enough, then perhaps!

Also it will need tests.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.