fatedier / frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Apache License 2.0
85.31k stars 13.23k forks

autocert support #2799

Open tcurdt opened 2 years ago

tcurdt commented 2 years ago

Describe the feature request

A public-facing HTTPS port needs a cert. It would be nice if the cert could automatically be obtained from Let's Encrypt.

Describe alternatives you've considered

I guess one could use caddy as another proxy in front - but that is less than ideal. It would be better to integrate

https://go-acme.github.io/lego/usage/library/

Affected area

fatedier commented 2 years ago

Can you describe more about your configuration?

tcurdt commented 2 years ago

Let's say I have an HTTP service on the LAN and I want to expose that via HTTPS on a public machine.

I guess one could use frp to create a tunnel and then use e.g. caddy as a reverse proxy to that. Or maybe use cert-manager in DNS mode to obtain letsencrypt certs. Both not ideal.

It seems frp already supports TLS - so why not support getting the cert via acme directly?

fatedier commented 2 years ago

That makes sense.

I plan to support it in frp v2. Usage of HTTPS will be refactored in the future.

If it's easy to implement, I will add this in the current release.

almereyda commented 2 years ago

In case one wanted to adopt implementation strategies from other approaches, there is boringproxy.io, which reuses caddyserver/certmagic for the task.

dest1n1s commented 2 months ago

Any progress on this? It'd be nice if frp supports automatic certificate renewal since it's cumbersome to have the certificates renewed on the relay server and then move them to the host.