atomic-server icon indicating copy to clipboard operation
atomic-server copied to clipboard

Published 20 hours ago verified publisher icon atomicdata-dev

Remove openssl dependency - use Rustls

Open joepio opened this issue 4 years ago • 4 comments

I think (although I'm not entirely sure) that OpenSSL is the only runtime dependency of atomic-server. It's required only for the HTTPS setup process, which is currently done using acme_lib. ~~I could use rustls-acme for this~~, no use async-acme.

Also, I could make the https setup process an optional feature, which seems a bit easier.

I don't think this issue should be a priority, as most runtimes already have OpenSSL - or they can use my docker image.

  • [x] Make HTTPS optional, allows for non-OpenSSL required builds
  • [ ] Use Rustls for initialization (rustls-acme / async-acme)

joepio avatar Oct 21 '21 16:10 joepio

rustls-acme uses async-std which is currently used very little (see #366). Maybe a better option is async-acme?

jonassmedegaard avatar Apr 02 '22 23:04 jonassmedegaard

rustls-acme also causes duplicate older branches of ureqand rustls to be pulled in, because it depends on unstable 0.x APIs and haven't been updated for some time.

jonassmedegaard avatar Apr 03 '22 00:04 jonassmedegaard

async-acme looks even better indeed!

joepio avatar Apr 03 '22 11:04 joepio

until this issue is solved, it might make sense to consider acme-micro which seems a (somewhat) more actively maintained fork of acme_lib.

jonassmedegaard avatar Apr 07 '22 19:04 jonassmedegaard

This issue just got a bit more important. My own CI pipeline broke because of openssl version mismatch. I didn't know that could happen. It even makes running the docker container impossible.

joepio avatar Feb 02 '23 21:02 joepio