From d2f6de01856917b19e1f1ba6028f7e05d60e674b Mon Sep 17 00:00:00 2001 From: Daenney Date: Sat, 4 Mar 2023 18:24:02 +0100 Subject: [feature] Allow loading TLS certs from disk (#1586) Currently, GtS only supports using the built-in LE client directly for TLS. However, admins may still want to use GtS directly (so without a reverse proxy) but with certificates provided through some other mechanism. They may have some centralised way of provisioning these things themselves, or simply prefer to use LE but with a different challenge like DNS-01 which is not supported by autocert. This adds support for loading a public/private keypair from disk instead of using LE and reconfigures the server to use a TLS listener if we succeed in doing so. Additionally, being able to load TLS keypair from disk opens up the path to using a custom CA for testing purposes avoinding the need for a constellation of containers and something like Pebble or Step CA to provide LE APIs. --- docs/installation_guide/docker.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/installation_guide/docker.md') diff --git a/docs/installation_guide/docker.md b/docs/installation_guide/docker.md index e752ac750..140a1fefc 100644 --- a/docs/installation_guide/docker.md +++ b/docs/installation_guide/docker.md @@ -92,7 +92,7 @@ For example, let's say you created the `~/gotosocial/data` directory for a user #### LetsEncrypt (optional) -If you want to use [LetsEncrypt](../configuration/letsencrypt.md) for ssl certificates (https), you should also: +If you want to use [LetsEncrypt](../configuration/tls.md) for ssl certificates (https), you should also: 1. Change the value of `GTS_LETSENCRYPT_ENABLED` to `"true"`. 2. Remove the `#` before `- "80:80"` in the `ports` section. -- cgit v1.2.3