You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There was as pull request some time ago reactphp/http#351
Its discussion ended with "Please come back with more details if this is still relevant and we can always reopen this!"
I would like to re-open this issue.
I just started a new project with ReactPHP precisely because it allows me to implement a light weight API server without the need of something like Apache or Nginx. I am implementing tooling for server infrastructure management and don't want those tools to depend on stuff they are supposed to manage.
I was puzzled to realize that I cannot implement proper TLS client certificate processing via middleware using ReactPHP just because the certificate data is not passed along.
I get that if you have a high load user facing web app you will always have something like Nginx in front of the ReactPHP app handling the TLS stuff.
But I was under the impression that ReactPHP is at least also made for small low level API servers for which it makes little sense to bloat them with a proxy server but they nevertheless need the security of all available TLS features - like client certs.
TLS client certificate validation via 'verify_peer_name' / 'peer_name' is possible of course, but quite inflexible. Every slightly more sophisticated authentication schemes need to be done in code – but currently cannot in ReactPHP :(
Is there any way this feature could be picked up again?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
ReactPHP
-
There was as pull request some time ago
reactphp/http#351
Its discussion ended with "Please come back with more details if this is still relevant and we can always reopen this!"
I would like to re-open this issue.
I just started a new project with ReactPHP precisely because it allows me to implement a light weight API server without the need of something like Apache or Nginx. I am implementing tooling for server infrastructure management and don't want those tools to depend on stuff they are supposed to manage.
I was puzzled to realize that I cannot implement proper TLS client certificate processing via middleware using ReactPHP just because the certificate data is not passed along.
I get that if you have a high load user facing web app you will always have something like Nginx in front of the ReactPHP app handling the TLS stuff.
But I was under the impression that ReactPHP is at least also made for small low level API servers for which it makes little sense to bloat them with a proxy server but they nevertheless need the security of all available TLS features - like client certs.
TLS client certificate validation via 'verify_peer_name' / 'peer_name' is possible of course, but quite inflexible. Every slightly more sophisticated authentication schemes need to be done in code – but currently cannot in ReactPHP :(
Is there any way this feature could be picked up again?
Beta Was this translation helpful? Give feedback.
All reactions