-
Notifications
You must be signed in to change notification settings - Fork 4.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Figure out a TLS solution for the JSON RPC API #1024
Comments
Apache's mod_proxy provides a reasonable workaround for now. For now we can configure one of our web servers with TLS (perhaps even solana.com) to proxy JSON RPC traffic to/from the desired network: SetupCreate the file /etc/apache2/conf-available/solana-json-rpc-https-proxy.conf,
Then activate the reverse proxy with:
|
My plan here is to create/publish a docker image that fullnodes wanting to run the RPC service can use to easily setup a TLS reverse proxy |
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.22 to 1.0.23. - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](dtolnay/thiserror@1.0.22...1.0.23) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
These days browsers complain loudly when https is not used:
This spells trouble for our http-only JSON RPC API. Ideally we provide the ability to run the API over https, but we may have to build an RPC proxy if the Rust crates we're using for JSON RPC can't be TLSed.
The text was updated successfully, but these errors were encountered: