SSL Support

[satishmaha]

https://github.com/PerfectlySoft/Perfect allows the ability to start the server with a cert+key. Since HTTPS is now recommended everywhere, along with initiatives like https://letsencrypt.org, what do you think?

[damian-kolakowski]

:+1: thanks for this report !

I am going to add OpenSSL soon.

Best

[satishmaha]

Super! Please let me know if you need QA/Testing

Thank you for all your hard work into this lib :)

[bizz84]

Any update on this? This library is very easy to use, but I need to run my local server in https in production.

[Laban1]

I love the library, but I need to use https in production (and we are moving to production very soon).

Please give an ETA on this.

Thanks!

[JBlitter]

We really want to use this in production but can't yet because https isn't there. Any update on when it might be ready? Thanks!

[julien-c]

Hi all, any reason why you could not stick nginx in front of your swifter servers?

[Laban1]

@julien-c: I have never used nginx, but adding proxies to the mix adds additional points of failure & maintenance, especially when you are dealing with ~100 tablets spread out over several locations with no IT staff on-site. Further, would not the traffic between the nginx server and the tablets still be over HTTP?

[julien-c]

If you use nginx as a reverse proxy just for SSL termination, the maintenance overhead will be minimal. This is literally 4 lines of nginx configuration.

[Laban1]

@julien-c: we would still need to install an nginx server at each location and then keep it updated and secure (sensitive data) and if it breaks it affects all tablets at the location. Further, the connection between the proxy and each tablet would still not be secure. In our scenario we are required to use SSL all the way to each tablet.

[Laban1]

Hi all,

I was not able to find another Swift iOS web server and need only part of the traffic encrypted, so I used this this library: https://github.com/TakeScoop/SwiftyRSA to accomplish this. In brief, here is what I did: 1) Created a key pair (RSA 2048 bit) on the Linux server that is interacting with the iPads 2) Created a web service method to send the public key to the iPads and store it in the key chain. 3) When sensitive data needs to be sent from the iPads to the server, I use the public key to encrypt it (so that it gets sent as a Base64 encoded encrypted data) 4) The server decodes the Base64 and then uses the private key to decrypt the data

This seems to work very well and was easy to implement, so I figured I share it here in case somebody else is in a similar situation.

Note: RSA 2048 can only encrypt up to 245 bytes, so if you need to encrypt more data you can use the RSA keys to exchange a symmetric key to do the encryption of larger amount of data with (the same as TLS does).

[yvbeek]

SSL support would be great. Apple is making it harder and harder to do regular HTTP requests.

In my case I would like a few iPads to securely communicate with each other. Unfortunately iOS, nor any third party project that I could find, offers a server with HTTPS support.

[krzyzanowskim]

No SSL support? what is this @glock45 1999? #justkidding

[damian-kolakowski]

@krzyzanowskim There is some work here https://github.com/httpswift/swifter/tree/master/Sources/TLS 👍

[voynovia]

really need

[mgfeldman]

Any plans to resume work on SSL support?

[Daij-Djan]

I'd also love this - the library looks and feels great but not having SSL is an issue :/

[yvbeek]

Yesterday I've open-sourced our web server Telegraph: https://github.com/Building42/Telegraph

It has SSL support if you guys are still looking for it.

[Daij-Djan]

very nice. thanks

[mgfeldman]

@Zyphrax Thanks, I'll give it a shot!

[yvbeek]

No problem, if you have any feedback, let me know.

[jeff-h]

I should also mention https://github.com/BiAtoms/Http.swift which has SSL/TLS support.

[Laban1]

@glock45 Any plans to resume the SSL work?

[linhaosunny]

@krzyzanowskim There is some work here https://github.com/httpswift/swifter/tree/master/Sources/TLS 👍

how to use this?