Support TLS on REST API #195
Description
With #77 about to close due to our initial implementation of a REST API we should not forget that we still need some support for securing access to that API across machine boundaries. #147 tracks support for authenticating the client using passwords or API tokens. Here we should look at:
- providing encryption of network traffic so Support client authentication #147's passwords or tokens do not leak
- authentication of Peekaboo as a server (server certificate and CRL checking)
- TLS-based client authentication in addition or instead of Support client authentication #147 (e.g. pre-shared keys (i.e. TLS-PSK) and TLS client certificates)