I’m using caddytls.NewConfig(inst *caddy.Instance). I’m using a manual certificate that is added to the instance cache during plugin initialization (PEM fetched via a REST service), thus avoiding storing the certificate on the drive, which is less secure.
What kind of plugin(s) are you writing? I have a few comments already but I want more information about what you’re trying to do.
thus avoiding storing the certificate on the drive, which is less secure.
Only if your server is misconfigured; I hardly think storage on disk is less secure than downloading PEM files over HTTP. If someone has access to your home folder (or wherever your CADDYPATH is), that’s a bigger concern, since they probably have access to your network stack too.
It’s a plugin that manages certificate installation and rotation and SSL termination. It also does JWT validation and REST route filtering before proxying to the underlying service (authorization and authentication). Our cert service is not using the ACME protocol, and Let’s Encrypt is not on the radar any time soon.
Agreed that if access to the machine is compromised then other things will be compromised as well. But not having the private key on disk makes it a little more secure.
A better solution to this would probably be to swap out the few functions that do fundamental things like “ObtainCert” and “RenewCert” instead of replacing almost the entirety of Caddy’s caddytls package… that said, I’m sorry but I won’t be able to get around to that for some time (it’s not really on the roadmap), and that’s if there is enough demand. Plus I am still not convinced that “not having the private key on disk makes it a little more secure” – more private TLS keys have been compromised sitting in memory than on disk.
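As an added example that is not part of this thread and not Caddy’s own code (Go standard library only; the CertStore type, its methods and the selfSignedPEM fixture are hypothetical names), this shows the in-memory pattern the thread is arguing about: a PEM pair fetched from a service is parsed straight into a tls.Config GetCertificate callback and rotated without the key ever being written to disk, and a failed reload leaves the working certificate in service.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"math/big"
	"sync/atomic"
	"time"
)

// CertStore (hypothetical, not Caddy's) keeps the live certificate in memory only.
type CertStore struct{ cur atomic.Value }

// Load parses PEM bytes (e.g. a REST response body) and swaps them in atomically;
// on a parse error the previously loaded certificate stays in service.
func (s *CertStore) Load(certPEM, keyPEM []byte) error {
	c, err := tls.X509KeyPair(certPEM, keyPEM)
	if err != nil {
		return err
	}
	s.cur.Store(&c)
	return nil
}

// GetCertificate plugs into tls.Config so every new handshake sees the latest cert.
func (s *CertStore) GetCertificate(_ *tls.ClientHelloInfo) (*tls.Certificate, error) {
	if c, ok := s.cur.Load().(*tls.Certificate); ok {
		return c, nil
	}
	return nil, errors.New("no certificate loaded yet")
}

// selfSignedPEM fabricates a one-hour certificate standing in for the cert service's reply
// (constructed test fixture; a real deployment would receive the PEM over the wire).
func selfSignedPEM(host string) (certPEM, keyPEM []byte, err error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, nil, err }
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{host},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { return nil, nil, err }
	keyDER, _ := x509.MarshalECPrivateKey(key) // cannot fail for a fresh P-256 key
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}),
		pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: keyDER}), nil
}
```

Wire it up with `&tls.Config{GetCertificate: store.GetCertificate}`; calling `store.Load` again from the rotation job is all that is needed for subsequent handshakes to pick up the new pair.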