We have some code to support a valid TLS cert in the webtransport listener, but we disabled it in https://github.com/libp2p/go-libp2p/pull/1927. There's some subtlety around making it secure.
In the mean time we may bake some assumptions that a webtransport multiaddr mostly has a certhash: https://github.com/libp2p/go-libp2p/pull/2227#discussion_r1151324966. When we re-enable static tls config we should revisit that discussion and see if anything needs to be changed
We have some code to support a valid TLS cert in the webtransport listener, but we disabled it in https://github.com/libp2p/go-libp2p/pull/1927. There's some subtlety around making it secure.
In the mean time we may bake some assumptions that a webtransport multiaddr mostly has a certhash: https://github.com/libp2p/go-libp2p/pull/2227#discussion_r1151324966. When we re-enable static tls config we should revisit that discussion and see if anything needs to be changed