New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS #25
Comments
A small data point: At work, we've been pushing folks to use and out-of-process proxy (very similar to Envoy) that handles TLS termination. That system handles a lot of complexity for people. It might be worth telling folks using Tide to heavily consider not handling TLS themselves and instead outsource it to a system like Linkerd, Envoy, or their cloud provider's hosted load balencer. |
The Other options for TLS would include:
|
Interestingly, while I agree that deployment usually works well through terminating/offloading proxies, TLS support during development is an incredibly nice thing to have, catching many errors on https deployments early. |
I don't really see why this direction has to be taken. While it is a common practise in edge services, I don't see why Tide has to be deployed with another proxy just for TLS in simplified infrastructures, where a side car pattern is not desired. While I don't see Tide being deployed on the edge any time soon, I do think Tide without a sidecar pattern in infrastructures that desire secure internal communication is a highly valid use case and should be supported from the beginning. |
@Darkspirit we should probably provide support for TLS out of the box though; but async-tls definitely seems like the right starting point! |
Note from triage: we now have https://github.com/http-rs/tide-rustls! -- we want to build a native version of this as well, so that we can compare both and then move them into Tide proper. edit: this would become a lot simpler if we can merge |
After more conversation: the integration with tide will likely be a re-export of the |
Add support for TLS.
The text was updated successfully, but these errors were encountered: