pwdsphinx icon indicating copy to clipboard operation
pwdsphinx copied to clipboard

Published 20 hours ago verified publisher icon stef

How to configure [client|server][ssl_key|ssl_cert]?

Open rolfschr opened this issue 4 years ago • 2 comments

Hi,

could you add some documentation about the [client|server][ssl_key|ssl_cert] config options? The code mentions that one should use different certs/keys for dev & prod. Could you give examples of how to setup oracle.py/sphinx.py in a dev and a prod scenario? I simply don't know what is expected to be configured there.

rolfschr avatar Dec 16 '20 13:12 rolfschr

excellent question, the easy way is to use a self-signed cert, which you can setup like this:

openssl req -nodes -x509 -sha256 -newkey rsa:4096 -keyout ssl_key.pem -out ssl_cert.pem -days 365 -subj '/CN=localhost'

the better way do do this, is to have this cert signed by letsencrypt. for that you need one of the letsencrypt clients.

i have to setup a letsencrypt cert for my install also, i will document that and post it here, and the readme in the coming days.

stef avatar Dec 16 '20 14:12 stef

Perfect, thanks for the quick reply!

rolfschr avatar Dec 16 '20 14:12 rolfschr