Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support provisioning gateways with SSL certificates issues with ACM #1257

Closed
r4victor opened this issue May 21, 2024 · 0 comments · Fixed by #1264
Closed

Support provisioning gateways with SSL certificates issues with ACM #1257

r4victor opened this issue May 21, 2024 · 0 comments · Fixed by #1264
Assignees
@r4victor
Labels
feature

Comments

@r4victor
Copy link
Collaborator

Currently, dstack supports issuing ACME certificates for gateways automatically via HTTP challenge (e.g. Lets Encrypt). This is not possible for internal-facing gateways. So, dstack supports http-only services for such gateways after #1171.

As the first option to enable https on gateways without public IPs, we decided to allow users to specify their AWS Certificate Manager (ACM) certificates when creating gateways. This approach should be familiar to AWS users and would not require permissions to manage DNS zones.

To support this, we'll provision such private gateways behind a load balancer with a certificate attached to the LB.

We focus on ACM support for internal-facing gateways, but we may also allow choosing ACM certificates instead of Lets Encrypt for public-facing gateways.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@r4victor r4victor

Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support gateways behind ALB with ACM certificate dstackai/dstack
1 participant
@r4victor