d2f6de0185
Currently, GtS only supports using the built-in LE client directly for TLS. However, admins may still want to use GtS directly (so without a reverse proxy) but with certificates provided through some other mechanism. They may have some centralised way of provisioning these things themselves, or simply prefer to use LE but with a different challenge like DNS-01 which is not supported by autocert. This adds support for loading a public/private keypair from disk instead of using LE and reconfigures the server to use a TLS listener if we succeed in doing so. Additionally, being able to load TLS keypair from disk opens up the path to using a custom CA for testing purposes avoinding the need for a constellation of containers and something like Pebble or Step CA to provide LE APIs. |
||
---|---|---|
.. | ||
gen | ||
testdata | ||
config.go | ||
config_test.go | ||
defaults.go | ||
flags.go | ||
global.go | ||
helpers.gen.go | ||
state.go | ||
validate.go | ||
validate_test.go |