Skip to content

Add TLS support for RPC/CLI #92

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tnull merged 1 commit into from
Jan 13, 2026
Merged

Add TLS support for RPC/CLI #92

tnull merged 1 commit into from
Jan 13, 2026

Conversation

@benthecarman
Copy link
Collaborator

@benthecarman benthecarman commented Jan 9, 2026

Built on top of #88 to reduce conflicts

With TLS we can now have encrypted communication with the client and
server. We auto generate a self signed cert on startup.

Co-Authored-By: Claude Opus 4.5 [email protected]

@benthecarman benthecarman requested a review from tnull January 9, 2026 22:57
@ldk-reviews-bot
Copy link

ldk-reviews-bot commented Jan 9, 2026
edited
Loading

🎉 This PR is now ready for review!
Please choose at least one reviewer by assigning them on the right bar.
If no reviewers are assigned within 10 minutes, I'll automatically assign one.
Once the first reviewer has submitted a review, a second will be assigned if required.

@ldk-reviews-bot
Copy link

ldk-reviews-bot commented Jan 12, 2026

🔔 1st Reminder

Hey @tnull! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

@benthecarman benthecarman marked this pull request as ready for review January 13, 2026 05:46
tnull
tnull reviewed Jan 13, 2026
View reviewed changes
ldk-server/src/util/tls.rs
Ok(PrivateKeyDer::Pkcs8(der.into()))
}

/// Generates a self-signed TLS certificate and saves it to the storage directory.
Copy link
Collaborator

@tnull tnull Jan 13, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we also want to support non-self-signed certificates, i.e., if users would for example use Lets Encrypt? Or out-of-scope for now and we'll just support mandatory local self-signed certificates?

Copy link
Collaborator Author

@benthecarman benthecarman Jan 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah i think out of scope for now, would be a good feature for the future though

@benthecarman @claude
Add TLS support for RPC/CLI
fc7ef64 
With TLS we can now have encrypted communication with the client and
server. We auto generate a self signed cert on startup.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@tnull tnull merged commit ebef52e into lightningdevkit:main Jan 13, 2026
7 checks passed
@benthecarman benthecarman deleted the tls branch January 13, 2026 20:54
@benthecarman benthecarman mentioned this pull request Jan 14, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tnull tnull tnull approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@benthecarman @ldk-reviews-bot @tnull