[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] HKPS configuration?
From: |
Christian Reiß |
Subject: |
Re: [Sks-devel] HKPS configuration? |
Date: |
Tue, 11 Feb 2014 16:27:57 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 |
Hey,
hkps is basically a 443 to hkp forward - I am using nginx for that. Just
be SURE you do NOT use SNI or rely/ need a vhost/hostname as some
client/most clients (gnupg) do not send this information. It is actually
only feasible on a dedicated IP for SKS where Port 443 is solely used
for https/hkps.
tl;dr: Just up a new ip and set up nginx on 443 on that, accepting all
and forwarding to local hkp.
-Christian.
On 11/02/14 16:23, Tyler Schwend wrote:
> My SKS instance is behind a reverse proxy, plaintext on the standard
> port. I have connections on port 80 that reference my server name
> forwarded to localhost:11371. I assume this is "port 80 HKP", and works
> for me through my at-work proxy.
>
> Is HKPS basically doing the same thing, but wrapping the outside
> connection in HTTPS? Are clients that contact HKPS nodes generally
> capable of specifying the server name, or do I need to run HKPS on its
> own port?
>
>
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel
>
--
Christian Reiss - address@hidden /"\ ASCII Ribbon
\ / Campaign
GPG Key: http://gpg.christian-reiss.de X against HTML
Jabber : address@hidden / \ in eMails
"It's better to reign in hell than to serve in heaven.",
John Milton, Paradise lost.
signature.asc
Description: OpenPGP digital signature