identinet / did-web-server

HTTP service for the did:web method focused on user self-service for managing their DIDs
https://dws.identinet.io

Testing the service locally without HTTPS problems on resolving #1

Open pohutukawa opened 1 month ago

pohutukawa commented 1 month ago

I've given the service a good trial run today. I quite like the approach, and things worked quite well and as expected, as documented. However, DID Web resolvers use the https protocol for resolution, but when giving it a simple test with the (Docker) container, only http on localhost is available.

I've tried setting the DWS_RESOLVER_OVERRIDE environment variable to something like http://id.localhost:8000, but it was still using the HTTPS resolution instead of the override.

Is there a viable 'hack' to enable fuller testing of the service possible? I'm particularly interested in the update DID flow for this to register additional keys to the DID document (e.g. an X25519 key for keyAgreement).

jceb commented 1 month ago

Hi @pohutukawa, glad to hear that you like the service and that it works for you :+1: Regarding the HTTPS issue, the tutorial, including the update flow, should work as documented (https://dws.identinet.io/did-management/update-did/). If not, please let me know.

The flow works, because didkit's resolver makes an exception for did:web DIDs that refer to localhost. However, not every resolver implementation includes this feature, because it's not part of the did:web specification. Therefore, I recommend that you follow the instructions to set up a TLS certificate that is valid on your computer: https://dws.identinet.io/deployment/self-hosting/ Please change the external domain name (DWS_EXTERNAL_HOSTNAME) to did-web-server.localhost. This is a valid domain name on every computer and resolves to 127.0.0.1. However, it's different from localhost so you won't get bitten by DID resolvers that disable HTTPS for localhost ;-)

Please let me know if you continue to experience difficulties.
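The behaviour discussed above (did:web resolution is https-only per the method spec, with a resolver-specific exception for localhost) can be made concrete with a small DID-to-URL mapping. The following is an added example written for this thread; it is not code from did-web-server or from didkit. It implements the did:web spec's mapping (percent-encoded port, path segments, `.well-known/did.json` fallback) and models the localhost exception as matching the host name `localhost` exactly, so that `id.localhost` or `did-web-server.localhost` still resolve over https. That exact-match rule is an assumption inferred from the comments here, not a statement about didkit's actual implementation.

```python
from urllib.parse import unquote, urlparse

# did:web method: the method-specific identifier is the host (optionally with a
# percent-encoded ":port"), followed by colon-separated path segments.
#   did:web:example.com              -> https://example.com/.well-known/did.json
#   did:web:example.com:user:alice   -> https://example.com/user/alice/did.json
#   did:web:example.com%3A3000       -> https://example.com:3000/.well-known/did.json


def did_web_to_url(did: str, http_for_localhost: bool = True) -> str:
    """Map a did:web DID to the URL of its DID document.

    http_for_localhost=True mimics a resolver that makes an exception for the
    host name 'localhost' (assumption: the exception matches 'localhost' exactly,
    so subdomains such as 'id.localhost' are NOT exempt and stay on https).
    """
    prefix = "did:web:"
    if not did.startswith(prefix):
        raise ValueError(f"not a did:web DID: {did!r}")

    method_specific_id = did[len(prefix):]
    if not method_specific_id:
        raise ValueError("did:web DID has an empty method-specific identifier")

    parts = method_specific_id.split(":")
    # Only the first segment may carry a percent-encoded port (%3A -> ':').
    authority = unquote(parts[0])
    path_segments = [unquote(p) for p in parts[1:]]
    if any(seg == "" for seg in path_segments):
        raise ValueError(f"empty path segment in {did!r}")

    # Borrow urlparse to split host from an optional port safely.
    parsed = urlparse(f"//{authority}")
    if parsed.hostname is None:
        raise ValueError(f"invalid host in {did!r}")
    # Reject anything that is not a bare host[:port], e.g. userinfo smuggling.
    if parsed.username is not None or parsed.password is not None:
        raise ValueError(f"userinfo not allowed in did:web host: {did!r}")

    scheme = "https"
    if http_for_localhost and parsed.hostname == "localhost":
        scheme = "http"

    if path_segments:
        return f"{scheme}://{authority}/{'/'.join(path_segments)}/did.json"
    return f"{scheme}://{authority}/.well-known/did.json"


def resolution_scheme(did: str, http_for_localhost: bool = True) -> str:
    """Convenience: just the scheme a resolver would use for this DID."""
    return urlparse(did_web_to_url(did, http_for_localhost)).scheme


if __name__ == "__main__":
    # Constructed sample DIDs mirroring the host names mentioned in the thread.
    for sample in (
        "did:web:localhost%3A8000",
        "did:web:id.localhost%3A8000:u:alice",
        "did:web:did-web-server.localhost",
        "did:web:example.com:user:alice",
    ):
        print(f"{sample:45} -> {did_web_to_url(sample)}")
```

Running the block shows that only the DID whose host is exactly `localhost` falls back to `http://`; the `.localhost` subdomains keep `https://`, which is why a locally trusted TLS certificate for `did-web-server.localhost` (as recommended above) gives a test setup that behaves like production with any spec-conforming resolver. Pass `http_for_localhost=False` to see what a resolver without the exception does.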

pohutukawa commented 1 month ago

Kia ora @jceb, thanks for the quick response. I have set my external host name to id.localhost, so it should have fit your description above. I'll give it a try with 'vanilla' localhost, too.

I was hoping to get around setting up a local/private CA with certs for testing to get on more quickly. But it's a good thing in general anyway for this type of stuff.

Thanks again! I'll keep trying then :-)

jceb commented 1 month ago

Ah, that explains why it didn't work :-) I'll extend the documentation to cover the special case of just localhost :-)