Explanation about the node.ws variable

[danijelTxFusion]

I am struggling to figure out what is node.ws varible is used for? I created the certificate secret using cert-manager, but can it be used for configuring TLS for rpc, rest and ws endpoints? I see the volume is attached to the node pod, but I can't figure out how to configure celestia node to use that certificate.

 node:
   ws:
      tls:
        enabled: true
        ## A secret must be available in the cluster with the following format:
        ## - name: <secret-name>
        ## - items:
        ##     - key: tls.cert
        ##     - key: tls.key
        secret:
          name: celestia-cert  # created by cert-manager

[smuu]

Hello @danijelTxFusion,

This tls certificate is only used for websocket and is optional. (Only needed for in-browser light nodes on iOS.)

The helm-chart sets the env variable CELESTIA_TLS_PATH to the path to which this secret is mounted, and the indication in the logs is very subtle. During the startup, it shows if it exposes the websocket with or without tls enabled.

Please let me know if you have follow-up questions.

[danijelTxFusion]

So the rpc and rest ports need to be behind proxy for TLS communication?

[smuu]

So the rpc and rest ports need to be behind proxy for TLS communication?

Yes, exactly