twisted / mantissa

Divmod Mantissa is an application server with a web interface built using Axiom and Nevow.

Mantissa support for letsencrypt #40

Status: Closed (mithrandi closed 6 years ago)

mithrandi commented 8 years ago

Activating this for a particular TLS port would take care of periodically renewing the certificate, most likely using tls-sni-01 verification so that the challenges can be handled through the same port, and restarting the port with the new certificate, for a completely "hands-free" operational experience.

glyph commented 8 years ago

:100:

glyph commented 8 years ago

You don't actually need to "restart" the port, because it is at least hypothetically possible to start responding to clientConnectionForTLS and serverConnectionForTLS with connection objects bound to new contexts.

mithrandi commented 8 years ago

I guess assuming we're using txsni for this, we just need to swap out the certificate in txsni's certificate mapping structure.

mithrandi commented 6 years ago

You can use the txacme le: endpoint for this (sort of, see twisted/txacme#129 and #54).