#ktor

spierce7

02/14/2023, 3:15 AM
I'd like to use ktor as a reverse proxy that can automatically generate Let's Encrypt certificates and use them to serve content at runtime. Does anyone know of any way to hot swap in new SSL certificates at runtime?

Andrew O'Hara

02/14/2023, 3:31 AM
This function is usually the responsibility of a load balancer (like AWS ELB, which automatically keeps certs up to date and has reverse-proxying capabilities). But if you want to make your own, I think the only way to renew certs at runtime is to have an nginx/apache proxy in front of your ktor server. Those servers can integrate with Let's Encrypt certbot, which will swap the certs at runtime. Your nginx/apache proxy would be running on port 443, terminating TLS, and forwarding unencrypted traffic to your ktor server. But at this point, if your reverse-proxy logic is simple enough, then nginx/apache could probably perform the reverse-proxying, making the ktor server redundant.

spierce7

02/14/2023, 4:03 AM
I require special logic during the reverse proxy.
Plus, if I use nginx / caddy, that's an additional layer.
Oh - maybe I can do that inside the same docker container. That wouldn't be the end of the world.

Andrew O'Hara

02/14/2023, 1:50 PM
Yeah, I should have made it more clear that you can easily run them both on the same container/instance.