Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL/TLS/HTTPS Support (yes, another one) #511

Closed
mattdodge opened this issue Mar 8, 2019 · 7 comments
Closed

SSL/TLS/HTTPS Support (yes, another one) #511

mattdodge opened this issue Mar 8, 2019 · 7 comments

Comments

@mattdodge
Copy link
Contributor

I know there is already tons of discussion about HTTPS on here. I feel like most of the conversation is around "automatic" HTTPS though - obviously that is going to be a challenge with generating certs and trusting CAs and yadda yadda yadda.

Are we opposed to adding CLI flags to provide existing certs/keys to run with SSL though? There are a lot of tools popping up like mkcert and cfssl that simplify the creation of local certs. There is also a recent trend of requiring HTTPS on certain domain names.

I can't imagine there would be opposition to this but perhaps I'm not fully understanding why HTTPS support isn't here in the first place. I'm happy to contribute and help, but want to make sure this is something the team is in support of first.
@csi-lk
Copy link

csi-lk commented Apr 3, 2019

Cam to ask the same question, looks like support was implemented at some point with #274 but I think the repo has evolved since then

@r0mflip
Copy link

r0mflip commented Apr 4, 2019

I can't imagine there would be opposition to this but perhaps I'm not fully understanding why HTTPS support isn't here in the first place.

serve is designed around the concept where your SSL is terminated by your reverse proxy, where your certs and all are managed by your organization rather by the developer (like on Zeit deployments).

@mattdodge
Copy link
Contributor Author

@r0mflip you're speaking like you have authority to describe the intent of serve but I can't help but be skeptical. SSL termination? Reverse proxies? Those are things that exist in production, not development. Unless I'm completely misunderstanding what serve's purpose is, it should rarely (never?) be run in production but rather on a developer's machine. I thought it existed to get a one-line command to view file directory and/or view a single page app.

If I had nginx up and running already why would I even need serve? This should be my replacement to a complicated nginx setup.

@r0mflip
Copy link

r0mflip commented Apr 5, 2019
edited

@r0mflip you're speaking like you have authority to describe the intent of serve but I can't help but be skeptical.

@mattdodge That was never my intention, I clearly do not speak for serve. I've just given my opinion. Guess I misinterpreted a lot. Sorry.

@mattdodge mattdodge mentioned this issue Apr 5, 2019
Merged
@EqualMa
Copy link

EqualMa commented May 6, 2020

Currently, --ssl-cert and --ssl-key options can be specified to enable ssl, as serve --help describes.
I tried it with mkcert and it works.
So maybe this issue can be closed now.

@mattdodge
Copy link
Contributor Author

Yep you're right, didn't realize this was still open, thanks for the heads up!

@marcofugaro marcofugaro mentioned this issue Jul 2, 2020
Open
This was referenced Aug 13, 2020
Merged
Open
@baharalidurrani
Copy link

Please add this to the docs too.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mattdodge @csi-lk @baharalidurrani @EqualMa @r0mflip