swifter SSL Support

https://github.com/PerfectlySoft/Perfect allows the ability to start the server with a cert+key. Since HTTPS is now recommended everywhere, along with initiatives like https://letsencrypt.org, what do you think?

Feb 29 '16 04:02 satishmaha

:+1: thanks for this report !

I am going to add OpenSSL soon.

Best

Feb 29 '16 09:02 damian-kolakowski

Super! Please let me know if you need QA/Testing

Thank you for all your hard work into this lib :)

Feb 29 '16 09:02 satishmaha

Any update on this? This library is very easy to use, but I need to run my local server in https in production.

Apr 09 '16 20:04 bizz84

I love the library, but I need to use https in production (and we are moving to production very soon).

Please give an ETA on this.

Thanks!

Apr 14 '16 17:04 Laban1

We really want to use this in production but can't yet because https isn't there. Any update on when it might be ready? Thanks!

Apr 18 '16 14:04 JBlitter

Hi all, any reason why you could not stick nginx in front of your swifter servers?

Apr 18 '16 14:04 julien-c

@julien-c: I have never used nginx, but adding proxies to the mix adds additional points of failure & maintenance, especially when you are dealing with ~100 tablets spread out over several locations with no IT staff on-site. Further, would not the traffic between the nginx server and the tablets still be over HTTP?

Apr 18 '16 23:04 Laban1

If you use nginx as a reverse proxy just for SSL termination, the maintenance overhead will be minimal. This is literally 4 lines of nginx configuration.

Apr 19 '16 06:04 julien-c

@julien-c: we would still need to install an nginx server at each location and then keep it updated and secure (sensitive data) and if it breaks it affects all tablets at the location. Further, the connection between the proxy and each tablet would still not be secure. In our scenario we are required to use SSL all the way to each tablet.

Apr 19 '16 14:04 Laban1

Hi all,

I was not able to find another Swift iOS web server and need only part of the traffic encrypted, so I used this this library: https://github.com/TakeScoop/SwiftyRSA to accomplish this. In brief, here is what I did:

Created a key pair (RSA 2048 bit) on the Linux server that is interacting with the iPads
Created a web service method to send the public key to the iPads and store it in the key chain.
When sensitive data needs to be sent from the iPads to the server, I use the public key to encrypt it (so that it gets sent as a Base64 encoded encrypted data)
The server decodes the Base64 and then uses the private key to decrypt the data

This seems to work very well and was easy to implement, so I figured I share it here in case somebody else is in a similar situation.

Note: RSA 2048 can only encrypt up to 245 bytes, so if you need to encrypt more data you can use the RSA keys to exchange a symmetric key to do the encryption of larger amount of data with (the same as TLS does).

May 10 '16 02:05 Laban1

SSL support would be great. Apple is making it harder and harder to do regular HTTP requests.

In my case I would like a few iPads to securely communicate with each other. Unfortunately iOS, nor any third party project that I could find, offers a server with HTTPS support.