Closed george-e-shaw-iv closed 6 years ago
Seems like this would be a good reason to use https://github.com/mholt/caddy built-in. It would offer you automatic TLS
@francislavoie That looks like a great package, but I am really trying to avoid using packages that aren't maintained by golang in effort to not ever run into the problem of an outdated package causing problems.
I've thought about it for awhile and have gotten some advice and I think using https://godoc.org/golang.org/x/crypto/acme/autocert would be the best option. It would require no effort on the clients end to have TLS support as well as force every client to use TLS, which isn't a bad thing at all.
Severity level (1-10):
10
Files/Directories Involved:
pkg/gpaccount
pkg/gpserver
pkg/public
pkg/router
(?maybe?)Description:
Ports will have to be extended from 2 to 3 per bundle, the addition being the TLS port. I don't know if the router will need to be extended to use TLS, I'm not sure if it matters [help wanted there]. I also am not sure if I'm going to continue to allow HTTP access to either the gPanel Server/gPanel Account panels, or just strictly only allow HTTPS access [help wanted there as well].
Personal Comments: