20:44 <sukhe> hi. I am getting "sandstorm/gateway.c++:988: error: refused HTTPS connection because no TLS keys are configured" when I try to enable HTTPS_PORT. what am I missing here? (I am not using sandcats.io but my own domain)

20:44 <sukhe> do I _have_ to set up a reverse proxy with nginx to make this work?

21:12 <sknebel> I think so

21:51 <sukhe> sknebel: yeah I have come to the same conclusion as well but I will wait in case someone has any other ideas :)

22:54 <TimMc> sukhe: You don't have to use a reverse proxy with the latest version (there's a hidden feature to hand a TLS cert and key to Sandstorm) but you do need a cert.

22:56 <TimMc> I bought a wildcard cert for about $45 but Let's Encrypt just rolled out wildcard support recently, so you might go for that instead.

23:23 <sukhe> TimMc: yeah I got the one from LetsEncrypt. can you please point me to the hidden feature if it is handy? I have tried all I could

23:41 <TimMc> sukhe: OK, here's the (I think still undocumented and UI-less) way to get Sandstorm to use yoru own cert and key:

23:41 <TimMc> « you can give Sandstorm your key/cert by doing this at the JS console while logged in as admin: Meteor.call("setTlsKeys", { key: "<private-key-pem>", certChain: "<certificate-pem>" }) »

23:41 <TimMc> « then set HTTPS_PORT=443 and EXPERIMENTAL_GATEWAY=true in sandstorm.conf »

23:43 <sukhe> TimMc: interesting; I will try it. thanks!

23:45 <sukhe> https://sandstorm.io/news/2018-02-19-http-rewrite-and-more

23:47 <TimMc> Ah, cool. I need to add https://sandstorm.io/feed.xml to my feed reader.