Server: Support passphrase for SSL private key (#4488)

* SSL: support passphrase for private key * Recommend CLI argument or environment variable for key passphrase * Fix SSL passphrase handling to ensure it is always a string
2025-09-04 19:02:48 +03:00
parent 0ba317a318
commit e871886b13
3 changed files with 16 additions and 0 deletions
@@ -40,9 +40,15 @@ browserLaunch:
 port: 8000
 # -- SSL options --
 ssl:
+  # Enable SSL/TLS encryption
  enabled: false
+  # Path to certificate (relative to server root)
  certPath: "./certs/cert.pem"
+  # Path to private key (relative to server root)
  keyPath: "./certs/privkey.pem"
+  # Private key passphrase (leave empty if not needed)
+  # For better security, use a CLI argument or an environment variable (SILLYTAVERN_SSL_KEYPASSPHRASE)
+  keyPassphrase: ""
 # -- SECURITY CONFIGURATION --
 # Toggle whitelist mode
 whitelistMode: true