well, shit, this looks like it's gonna be quite the epic mission actually
i need to write a custom TLSConfig function that fans out to explicit certificates versus the autocert letsencrypt thing... well, it probably won't be that hard tho
yeah, i'm in the middle of haxing actual certs into my reverse proxy swiss army knife
https://github.com/mleku/lerproxy
it already supports nip-05 and golang vanity redirects, so, now i'm adding own certificates because i'll have one soon, whenever they get around to emailing it to me... i've used DSV and my CNAME has the required doodads in it but of course takes phorever for these dumbasses to get the latest version even when you put a 1 minute TTL on the entry
Discussion
No replies yet.