#2460 closed enhancement (fixed)
per socket ssl options
| Reported by: | Antoine Martin | Owned by: | Antoine Martin |
|---|---|---|---|
| Priority: | major | Milestone: | 4.0 |
| Component: | network | Version: | 3.0.x |
| Keywords: | Cc: |
Description
Split from #2424: SSL wrapping is more difficult because it takes so many arguments, and we're not currently storing them but taking them from the config object directly. So they would need to be copied as attributes in the server object so we can re-use them later.
Change History (4)
comment:1 Changed 15 months ago by
| Status: | new → assigned |
|---|
comment:2 Changed 15 months ago by
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Done in r25197.
Examples for server side:
xpra start --start=xterm --bind-tcp=0.0.0.0:10000,ssl-cert=./ssl-cert.pem,ssl-protocol=SSLv23 --bind-ssl=0.0.0.0:10001,ssl=cert=./ssl-cert2.pem
ie: each socket will use a different cert.
All the usual ssl options can be specified individually for each socket.
The existing --ssl-XYZ command line options are still valid and are used as default values.
For ssh, see #2583
comment:3 Changed 11 months ago by
comment:4 Changed 4 months ago by
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/2460
Note: See
TracTickets for help on using
tickets.
copyleft 2010 - 2021
Client side done in r25186 + r25190 + r25191.
ie: