Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support TCP microservice over TLS #6745

Closed
BorntraegerMarc opened this issue Mar 24, 2021 · 6 comments
Closed

Support TCP microservice over TLS #6745

BorntraegerMarc opened this issue Mar 24, 2021 · 6 comments
Labels
needs triage This issue has not been looked into type: enhancement 🐺

Comments

@BorntraegerMarc
Copy link

BorntraegerMarc commented Mar 24, 2021
edited
Loading

Feature Request

Is your feature request related to a problem? Please describe.

In our Hybrid-Cloud environment we have some microservices running in our Cloud and some microservices running On-Premise of our customers.

Communication between the microservices is all TCP based.

Now, unencrypted traffic for internal Cloud communication might be OK. But not once the traffic goes beyond the Cloud over the public internet inside to a mission critical On-Prem service.

Describe the solution you'd like

NodeJS supports TCP sockets over TLS: https://nodejs.org/api/tls.html#tls_tls_createserver_options_secureconnectionlistener

Something similar should be implemented for NestJS.

Teachability, Documentation, Adoption, Migration Strategy

It's a new feature:

const options = {
  key: fs.readFileSync('server-key.pem'),
  cert: fs.readFileSync('server-cert.pem'),

  // This is necessary only if using client certificate authentication.
  requestCert: true,

  // This is necessary only if the client uses a self-signed certificate.
  ca: [ fs.readFileSync('client-cert.pem') ]
};

await NestFactory.createMicroservice<MicroserviceOptions>(
    AppModule,
    {
        transport: Transport.TCP,
        options: options
    },
);

What is the motivation / use case for changing the behavior?

I'm aware of the old issue: #1056

I'm also aware of the possibility to create a custom NestJS transporter to achieve the same goal.

However this ticket is about native NestJS TLS support. Which seems a good idea to secure traffic.
@BorntraegerMarc BorntraegerMarc added needs triage This issue has not been looked into type: enhancement 🐺 labels Mar 24, 2021
@kamilmysliwiec
Copy link
Member

kamilmysliwiec commented Mar 25, 2021
edited
Loading

Would you like to create a PR for this issue? :)

@BorntraegerMarc
Copy link
Author

I would love to create a PR 😄 I'm missing a bit the time though.

Anyone else can take this one?

@daflodedeing
Copy link

Hey, I work with nestjs since two years and want to contribute to the project. If you @kamilmysliwiec want, I would try to create a PR for it?

@kamilmysliwiec
Copy link
Member

@daflodedeing sounds great!

@Flusinerd
Copy link
Contributor

@daflodedeing Any progress?
Otherwise I would look into this.

This was referenced Jul 11, 2021
Closed
Merged
@kamilmysliwiec
Copy link
Member

Let's track this here #7516

@nomaxg nomaxg mentioned this issue Dec 2, 2022
Merged
8 tasks
@JakeMarquez JakeMarquez mentioned this issue Sep 11, 2023
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs triage This issue has not been looked into type: enhancement 🐺
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@BorntraegerMarc @Flusinerd @kamilmysliwiec @daflodedeing