-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generate default SSL certificate at runtime at first startup #453
Comments
+1 |
Closed by mistake. |
Not related to the CLI this should be something specific to the SSL plugin, running in the init worker of the said plugin for example. |
This is a minor improvement, not a new feature, of the current SSL implementation, so it needs to happen where currently the weak point is, in the CLI. As for changing it in the future, there currently is a problem. The plugins should be able to be installed without restarting/reloading the entire Kong cluster to make them effective. Embedding this functionality into the SSL plugin would change this behavior introducing an exception and requiring the cluster to be restarted/reloaded. The reason why the SSL plugin currently works without restarting/reloading the cluster, is because SSL is enabled by default and what the SSL plugin does is only changing the SSL certificate being served. In order to enable SSL by default, nginx requires default certificates, that will be auto-generated after this PR is being merged (as opposed as being hard coded). Basically enabling SSL is in the nginx scope, not in the plugin scope. |
No description provided.
The text was updated successfully, but these errors were encountered: