<-- back to the mailing list

How can I separate the gemini/mercury and TLS/cert functions (serverside)?

Omar Polo op at omarpolo.com

Sun Aug 15 18:47:24 BST 2021

- - - - - - - - - - - - - - - - - - - 

On 15 August 2021 18:26:08 CEST, "ew.gemini" <ew.gemini at nassur.net> wrote:

Hello geminauts,
I am toying with the idea to separate the handling of the gemini
request from the handling of TLS. I believe I have read about
such a setup on a *bsd system somewhere, but I'm unable to find
it again. I /think/ the tls-handling relay was called something
with "jet" in the name, but I could be wrong.
So why would I do this? The gemini/mercury server part could
well run on a small microcontroller. Within my home network TLS
is not really neccessary. But I would be nice to connect such a
controller to the outside world using a proxy or similar, which
does handle the tls and certificate side of things, and relays
the raw request and its reply between the controller and the
client via ethernet.
Any pointers are highly appreciated.
Thanks,
~ew
PS: while I'm good at number crunchers and shell scripts, I am
highly illiterate with respect to anything network and sockets.

you can try vger: it's meant to be run from inetd under relayd/nginx/... because it obviously doesn't handle TLS. But if you make inetd listen on 1965... :)-- Sent from my Android device with K-9 Mail. Please excuse my brevity.