-
Notifications
You must be signed in to change notification settings - Fork 462
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
StartTLS #243
Comments
Hello @valero90 IMO I think it is not in the scope of Gotenberg and it should be handled by a proxy! |
Hello, Two additional configuration options would be needed to parameterize key and certificate location. Greetings, Thomas |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
I think this is something still worth pursuing, even if this issue has been staled for some time. At our company we need to encrypt any traffic between our Kubernetes pods/containers using SSL and therefore we would need to encrypt Gotenberg traffic as well. Our current solution is embedding an nginx reverse proxy into the Gotenberg container image and using that to communicate with Gotenberg, but this is not the best solution in my opinion... I would be very happy to work on an SSL feature for Gotenberg, if you want. Even if Gotenberg is not intended to be exposed to the internet, as stated in the docs, it can't hurt to have SSL support for companies like ours. |
Sure feel free to open a PR! 😄 |
Many security standards and contracts require TLS 1.2 and above and secure crypto suites. |
PR is out! Open for review 👀
I'm just using the |
@jonasgeiler
I found an example here: https://gist.github.com/denji/12b3a568f092ab951456 |
Hmmm unfortunately I am not quite sure how to implement this with Echo. The |
The example with TLSConfig is in the link you shared. It's the example right beneath startTLS. |
I saw the section you have linked before, but the problem I've described still remains. EDITOkay, forget anything I've said. Apparently Go already sets the TLS minimum version to 1.2 by default, so we don't have to do anything! See here for more info: https://pkg.go.dev/crypto/tls#Config |
Would it be possible to add an option to accept SSL connections to make HTTPS connections?
The text was updated successfully, but these errors were encountered: