Open tcurdt opened 2 years ago
Can you describe more about your configures?
Let's say I have a http service on the LAN and I want to expose that via https on the a public machine.
I guess one could use frp
to create a tunnel and then use e.g. caddy
as a reverse proxy to that. Or maybe use cert-manager
in DNS mode to obtain letsencrypt certs. Both not ideal.
It seems frp
already supports TLS - so why not support getting the cert via acme directly?
That makes sense.
I plan to support it in frp v2. Usage of HTTPS will be refactored future.
If it's easy to implement, i will add this in current release.
In case one wanted to adopt implementation strategies from other approaches, there is boringproxy.io, which reuses caddyserver/certmagic for the task.
Any progress on this? It'd be nice if frp
supports automatic certificate renewal since it's cumbersome to have the certificates renewed on the relay server and then move them to the host.
Describe the feature request
A public facing https port needs a cert. It would be nice if the cert could automatically be obtained from letsencrypt.
Describe alternatives you've considered
I guess one could use caddy as another proxy in front - but that is less than ideal. It would be better to integrate
https://go-acme.github.io/lego/usage/library/
Affected area