Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generate default SSL certificate at runtime at first startup #453

Closed
subnetmarco opened this issue Aug 7, 2015 · 4 comments
Closed

Generate default SSL certificate at runtime at first startup #453

subnetmarco opened this issue Aug 7, 2015 · 4 comments
Assignees
@subnetmarco

Comments

@subnetmarco
Copy link
Member

No description provided.

@subnetmarco subnetmarco added the cli label Aug 7, 2015
@subnetmarco subnetmarco self-assigned this Aug 7, 2015
@thibaultcha
Copy link
Member

+1

@subnetmarco
Copy link
Member Author

Closed by mistake.

@subnetmarco subnetmarco reopened this Aug 7, 2015
@thibaultcha thibaultcha removed the cli label Aug 10, 2015
@thibaultcha
Copy link
Member

Not related to the CLI this should be something specific to the SSL plugin, running in the init worker of the said plugin for example.

@subnetmarco
Copy link
Member Author

This is a minor improvement, not a new feature, of the current SSL implementation, so it needs to happen where currently the weak point is, in the CLI.

As for changing it in the future, there currently is a problem. The plugins should be able to be installed without restarting/reloading the entire Kong cluster to make them effective. Embedding this functionality into the SSL plugin would change this behavior introducing an exception and requiring the cluster to be restarted/reloaded.

The reason why the SSL plugin currently works without restarting/reloading the cluster, is because SSL is enabled by default and what the SSL plugin does is only changing the SSL certificate being served.

In order to enable SSL by default, nginx requires default certificates, that will be auto-generated after this PR is being merged (as opposed as being hard coded).

Basically enabling SSL is in the nginx scope, not in the plugin scope.

subnetmarco added a commit that referenced this issue Aug 10, 2015
@subnetmarco
Merge pull request #456 from Mashape/fix/ssl
15e6029 
Closes #453 and #235
@subnetmarco subnetmarco mentioned this issue Aug 11, 2015
Closed
ctranxuan pushed a commit to streamdataio/kong that referenced this issue Aug 25, 2015
@subnetmarco
Closes Kong#453 and Kong#235
e666beb 
Former-commit-id: 907eb6f66b5ffea68914cc1fcb0f8b74d982d297
ctranxuan pushed a commit to streamdataio/kong that referenced this issue Aug 25, 2015
@subnetmarco
Merge pull request Kong#456 from Mashape/fix/ssl
bf1c96e 
Closes Kong#453 and Kong#235

Former-commit-id: 7c0f0001d8621a2a25ca91eeaa9f5771dd48a96e
hutchic pushed a commit that referenced this issue Jun 10, 2022
@chronolaw
default enable lmdb (#453)
ed34495
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@subnetmarco subnetmarco

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@subnetmarco @thibaultcha