x/crypto/acme/autocert: support ForceRSA as a per domain option #19265
Labels
Comments
phuslu
changed the title
|
Sorry, this isn't an option I want to see added. ForceRSA is a bit gross on its own. I don't think it needs more complication and configuration around it, especially since you can already wire it up yourself: just implement tls.Config.GetCertificate and delegate to two different Managers (one with true vs false) depending on the hostname. I think that the number of users of such a feature would be low enough (and decreasing over time) to not warrant adding this complexity for everybody. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
go version)?go 1.8
What did you expect to see?
Currently, autocert.Manager.ForceRSA is a global option for all domains. I expect it's a per domain option.
e.g.
we can build multiple-domains https server with mixed RSA/ECC certificates base on this option.
The text was updated successfully, but these errors were encountered: