sasa1977 / site_encrypt

Integrated certification via Let's encrypt for Elixir-powered sites
MIT License

Feature Request: add option to provide own root certificate #32

Open hauleth opened 3 years ago

hauleth commented 3 years ago

I have my own "small CA" that I ran on my machine for development. It is already added as a root cert, so it would be handy to be able to reuse that one instead of being forced to add exceptions for each application independently for the internal ACME server.

sasa1977 commented 3 years ago

I think this is a wonderful idea!

Currently, to run the internal ACME server we pass `{:internal, port: xyz}`. This could be expanded with an optional `:ca` setting (defaults to `nil`), which should be propagated to this code, where the pair is used if provided, or generated if not.

The corresponding test could generate its own pair, start the endpoint with the given setting, and verify that the key is issued by the correct issuer.

WDYT?

hauleth commented 3 years ago

Sounds like a solution.

sasa1977 commented 3 years ago

Cool! Care to submit a PR?
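
The behaviour proposed in this thread (reuse a supplied CA pair, otherwise generate one, then check who issued the resulting certificate), shown with the `openssl` CLI as an added example that is not site_encrypt code. The functions `ensure_ca`, `issue_leaf` and `issued_by`, and all paths and subject names, are hypothetical; OpenSSL 1.1.0 or later is assumed.

```shell
#!/bin/sh
# Added example: paths and subject names are constructed, not site_encrypt's.
set -eu

# ensure_ca DIR [CERT KEY]: reuse the supplied pair (the proposed optional CA
# setting) or generate a throwaway root in DIR. Sets CA_CERT and CA_KEY.
ensure_ca() {
  if [ -n "${2:-}" ] && [ -n "${3:-}" ]; then
    CA_CERT=$2 CA_KEY=$3
    return 0
  fi
  CA_CERT=$1/ca.pem CA_KEY=$1/ca.key
  printf '[v3_ca]\nbasicConstraints=critical,CA:TRUE\n' >"$1/ca.ext"
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$(basename "$1") root" \
    -keyout "$CA_KEY" -out "$1/ca.csr" 2>/dev/null
  openssl x509 -req -in "$1/ca.csr" -signkey "$CA_KEY" -days 1 \
    -extfile "$1/ca.ext" -extensions v3_ca -out "$CA_CERT" 2>/dev/null
}

# issue_leaf CA_CERT CA_KEY PREFIX: sign a localhost certificate; stands in
# for the certificate an internal ACME server would hand to the endpoint.
issue_leaf() {
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=localhost" \
    -keyout "$3.key" -out "$3.csr" 2>/dev/null
  openssl x509 -req -in "$3.csr" -CA "$1" -CAkey "$2" -set_serial 1 \
    -days 1 -out "$3.pem" 2>/dev/null
}

# issued_by LEAF CA_CERT: succeeds only if LEAF chains to CA_CERT.
# -no-CApath keeps the system trust store out of the decision.
issued_by() { openssl verify -no-CApath -CAfile "$2" "$1" >/dev/null 2>&1; }

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
mkdir "$work/dev" "$work/acme"

ensure_ca "$work/dev"                          # stand-in for the developer's own CA
dev_cert=$CA_CERT dev_key=$CA_KEY
ensure_ca "$work/acme" "$dev_cert" "$dev_key"  # CA supplied: reuse it
issue_leaf "$CA_CERT" "$CA_KEY" "$work/with_ca"
ensure_ca "$work/acme"                         # nothing supplied: generate one
issue_leaf "$CA_CERT" "$CA_KEY" "$work/default"

for leaf in with_ca default; do
  if issued_by "$work/$leaf.pem" "$dev_cert"; then v="chains to"; else v="does NOT chain to"; fi
  echo "$leaf.pem $v the developer's root"
done
```

Only the certificate issued from the supplied pair validates against the root the developer already trusts; the one from the generated CA would still need its own trust exception.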