Recommend using certificates from LetsEncrypt instead of self-signed certs

[arunasank]

The docs recommend using self-signed certificates. They might as well recommend LetsEncrypt.

[evilaliv3]

@arunasank: actually the documentation documents the usage of self signed certificates only for testing purposes.

It would be valuable to re-integrate inside Tor2web the code of GlobaLeaks that implement the letsencrypt request and renewal.

[fpietrosanti]

@arunasank: actually the documentation documents the usage of self signed certificates only for testing purposes.

It would be valuable to re-integrate inside Tor2web the code of GlobaLeaks that implement the letsencrypt request and renewal.

Or it would be even more valuable to integrate the Tor2web functionalities inside GlobaLeaks to achieve not just LetsEncrypt but also the web administration interface, Tor management, software lifecycle, data retention, Statistics and a bullet proof software lifecycle.

De facto Tor2web is a minor feature of GlobaLeaks

[evilaliv3]

Or it would be even more valuable to integrate the Tor2web functionalities inside GlobaLeaks to achieve not just LetsEncrypt but also the web administration interface, Tor management, software lifecycle, data retention, Statistics and a bullet proof software lifecycle.

De facto Tor2web is a minor feature of GlobaLeaks

That would be a preatty easy but ugly way in my opinion; it would really complicate the maintainance of the two softwares.

Let's consider eventually to package some shared components as dependencies to build the two softeare (included eventually the management interfaces that you are looking for)