web-server icon indicating copy to clipboard operation
web-server copied to clipboard
verified publisher icon racket

Expose private key format options

Open bdj opened this issue 10 months ago • 4 comments

I want to use a LetsEncrypt key with the Racket web server, but the default private key is now an EC key. Exposing these parameters enables the web server to run with one of these keys (by setting rsa? to #f and asn1? to #t in the underlying call to ssl-load-private-key!). I also tried it with a key generated by the https://nixos.wiki/wiki/ACME service (which requires rsa? #f and asn1? #f).

I wanted to try to determine these parameters automatically from the key file, but I don't think there is a robust way to do that. If anyone has ideas, I can make that change instead.

I am unsure of how to write tests for this as it is just passing parameters through to the underlying openssl call. If anyone has ideas for how to write tests for this, I will add tests as well. I also don't know if I updated the documentation correctly.

You can see this working at https://bdj.dev currently (no uptime guarantees).

bdj avatar Feb 07 '25 01:02 bdj