You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should remove all the self-signed certificates, private keys, and keystores in pass-docker. These files should be generated and set when the containers starts.
Why?
To follow security best practices so that self-signed certs/keys/keystore don't accidentally get promoted to an actual runtime environment.
How?
Search for all cases, but at the time of writing this, the following containers configuration directories need to be changed:
idp
invenio-rdm
pass-core
Any containers that require self-signed certificates should be modified to execute a script to generate needed file on startup.
Acceptance Criteria
All self-signed certs/private keys/keystores are removed from pass-docker
The text was updated successfully, but these errors were encountered:
What?
We should remove all the self-signed certificates, private keys, and keystores in pass-docker. These files should be generated and set when the containers starts.
Why?
To follow security best practices so that self-signed certs/keys/keystore don't accidentally get promoted to an actual runtime environment.
How?
Search for all cases, but at the time of writing this, the following containers configuration directories need to be changed:
Any containers that require self-signed certificates should be modified to execute a script to generate needed file on startup.
Acceptance Criteria
All self-signed certs/private keys/keystores are removed from pass-docker
The text was updated successfully, but these errors were encountered: