Unsecure HTTP should never be used. It opens up a motherload of fun security volubilities. Using Let’s encrypt and Kvarn, you can easily set up a secure HTTPS server.
Kvarn uses ring through Rustls. It’s been audited with great results - code quality was considered excellent.
Kvarn only accepts secure protocols. That excludes SSL and TLS versions before 1.2.
When creating a host, you need to supply a certificate and private key.
If you have PEM encoded keys, you can use the function