Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mantissa support for letsencrypt #40

Closed
mithrandi opened this issue Feb 3, 2016 · 4 comments
Closed

Mantissa support for letsencrypt #40

mithrandi opened this issue Feb 3, 2016 · 4 comments

Comments

@mithrandi
Copy link
Contributor

Activating this for a particular TLS port would take care of periodically renewing the certificate, most likely using tls-sni-01 verification so that the challenges can be handled through the same port, and restarting the port with the new certificate, for a completely "handsfree" operational experience.
@glyph
Copy link
Member

glyph commented Feb 3, 2016

💯

@glyph
Copy link
Member

glyph commented Feb 3, 2016

You don't actually need to "restart" the port, because it is at least hypothetically possible to start responding to clientConnectionForTLS and serverConnectionForTLS with connection objects bound to new contexts.

@mithrandi
Copy link
Contributor Author

I guess assuming we're using txsni for this, we just need to swap out the certificate in txsni's certificate mapping structure.

@mithrandi mithrandi mentioned this issue Feb 19, 2016
Closed
@mithrandi
Copy link
Contributor Author

You can use the txacme le: endpoint for this (sort of, see twisted/txacme#129 and #54)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@glyph @mithrandi