ConfigOption/tls key path

From Snowblossom Wiki
Revision as of 23:19, 28 February 2022 by Fireduck (talk | contribs) (Created page with "==tls_key_path== Controls which key is used for signing the certificates used for TLS server side communication. When TLS service ports are enabled, this must be set. If th...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

tls_key_path

Controls which key is used for signing the certificates used for TLS server side communication.

When TLS service ports are enabled, this must be set.

If the path is empty, it will be created on startup. To get the node: address for the key, either look at the logs for a line like:

   INFO: My TLS address: node:h68q5s0xxs3pc5xhcyfa076j2a6942y6edlxn429

Or see address.txt in the tls_key_path directory.


General URI form is: schema://host[:port][/?key=node:...]

If using grpc+tls, the optional key parameter specifies which TLS key the node is expected to use.

For best security and privacy it is best to use grpc+tls and specify the key.

Default

None

Examples

node_uri=grpc://snow-tx1.snowblossom.org

node_uri=grpc://snow-tx1.snowblossom.org:2338

node_uri=grpc+tls://snow-tx1.snowblossom.org

node_uri=grpc+tls://snow-tx1.snowblossom.org?key=node:fgmfupck7seaq8t2gl6plzs5vh7nyl6656wscgq3

node_uri=grpc+tls://snow-tx1.snowblossom.org,grpc+tls://snow-de1.snowblossom.org