Generate SSL certificates for Myel providers #154
Comments
I don't think we have to deal with the whole Caddy HTTP server.
I've spawned my own VPS and used a domain name I own on Cloudflare, and with the basic code below I've been able to run an HTTP server with an SSL certificate, managed by certmagic, which handles the ACME challenge by itself:

```go
package main

import (
	"fmt"
	"net/http"

	"github.com/caddyserver/certmagic"
	"github.com/libdns/cloudflare"
)

func main() {
	// Solve the ACME DNS-01 challenge through the Cloudflare API.
	certmagic.DefaultACME.DNS01Solver = &certmagic.DNS01Solver{
		DNSProvider: &cloudflare.Provider{
			APIToken: "MY_CLOUDFLARE_API_KEY", // placeholder for the Cloudflare API token
		},
	}

	handler := http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) {
		fmt.Fprintf(writer, "HELLO WORLD :D")
	})

	// Obtain and renew certificates for the apex and wildcard names, then serve HTTPS.
	panic(certmagic.HTTPS([]string{"curt.ly", "*.curt.ly"}, handler))
}
```
I managed to make a proxy that redirects

```go
h.NewStream(ctx, p,
	... ,
	"/dns4/curt.ly/tcp/443/wss/p2p/12D3KooWL6iAkTwQzTDQ6vjC7pPXAMKAL1MTpVURTugc6Vip44WG", // <-- something like that
),
```
`/dns4/curt.ly/tcp/443/wss/p2p/12D3KooWL6iAkTwQzTDQ6vjC7pPXAMKAL1MTpVURTugc6Vip44WG`

```js
const Libp2p = require('libp2p')
const WebSockets = require('libp2p-websockets')
const { NOISE } = require('libp2p-noise')
const MPLEX = require('libp2p-mplex')

// Top-level await is not available in a CommonJS script, so run inside an async function.
async function main () {
  const node = await Libp2p.create({
    modules: {
      transport: [WebSockets],
      connEncryption: [NOISE],
      streamMuxer: [MPLEX]
    },
    addresses: {
      listen: [
        '/ip4/127.0.0.1/tcp/8100/ws'
      ]
    }
  })

  // start libp2p
  await node.start()
  const advertiseAddrs = node.multiaddrs
  console.log('libp2p is advertising the following addresses: ', advertiseAddrs, node.peerId.toB58String())

  // Dial the provider over secure WebSockets (wss) through its domain name.
  await node.ping('/dns4/curt.ly/tcp/443/wss/p2p/12D3KooWL6iAkTwQzTDQ6vjC7pPXAMKAL1MTpVURTugc6Vip44WG')
}

main().catch(console.error)
```
This might be the solution:
https://github.com/libp2p/go-ws-transport#security-and-multiplexing
Only the facilitators will need to connect to their domain provider with an API to set a special TXT record in the domain’s zone, proving to the Certificate Authority the ownership of the domain name (see: https://letsencrypt.org/fr/docs/challenge-types/#d%C3%A9fi-dns-01).
Benefits:
Each swarm could use its own SSL certificates to ensure :
Problem:
Hints :
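
The TXT record that proves domain ownership in the DNS-01 challenge mentioned in this issue can be derived by hand, which helps when auditing what a DNS API token is used to publish. This is an added example, not code from the thread or from the Myel project; it assumes a P-256 ACME account key, a constructed token, and hypothetical helper names (`newAccountKey`, `jwkThumbprint`, `dns01Record`).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding // ACME uses unpadded base64url everywhere

// newAccountKey stands in for the ACME account key certmagic would manage.
func newAccountKey() *ecdsa.PrivateKey {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return key
}

// jwkThumbprint is the RFC 7638 thumbprint of a P-256 public key:
// SHA-256 over the required JWK members, sorted, with no whitespace.
func jwkThumbprint(pub *ecdsa.PublicKey) string {
	x := b64.EncodeToString(pub.X.FillBytes(make([]byte, 32)))
	y := b64.EncodeToString(pub.Y.FillBytes(make([]byte, 32)))
	sum := sha256.Sum256([]byte(fmt.Sprintf(`{"crv":"P-256","kty":"EC","x":"%s","y":"%s"}`, x, y)))
	return b64.EncodeToString(sum[:])
}

// dns01Record returns the TXT name and value the CA queries (RFC 8555, section 8.4).
func dns01Record(domain, token string, pub *ecdsa.PublicKey) (name, value string) {
	// A wildcard is validated at its base name: *.curt.ly -> curt.ly.
	base := strings.TrimSuffix(strings.TrimPrefix(domain, "*."), ".")
	keyAuth := token + "." + jwkThumbprint(pub) // binds the token to the account key
	sum := sha256.Sum256([]byte(keyAuth))
	return "_acme-challenge." + base + ".", b64.EncodeToString(sum[:])
}

func main() {
	key := newAccountKey()
	token := "constructed-token-not-from-a-real-CA" // sample value, constructed
	for _, d := range []string{"curt.ly", "*.curt.ly"} {
		name, value := dns01Record(d, token, &key.PublicKey)
		fmt.Printf("%s 300 IN TXT %q\n", name, value)
	}
}
```

In a real order the CA issues a separate token for each identifier, so `curt.ly` and `*.curt.ly` produce two different TXT values at the same `_acme-challenge` name.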