75e577c82e
All rpc sockets now listen using TLS by default, and this can not be turned off. The keys (defauling to the datadirectory) may be provided by --rpccert and --rpckey. If the keys do not exist we will generate a new self-signed keypair with some sane defaults (hostname and all current interface addresses). Additionally add tls capability to btcctl so that it can still be used. The certificate to use for verify can be provided on the commandline or verification can be turned off (this leaves you susceptible to MITM attacks) Initial code from dhill (rpc tls support) and jrick (key generation), cleanup, debugging and polishing from me. |
||
---|---|---|
.. | ||
btcctl.go |