Monday, 21 May 2018

What's the best way to manage TLS certificates? (self-signed in dev versus LetsEncrypt in prod)

I have an open source project for an https server. I use LetsEncrypt in production for certification management, but for local development I threw together some self-signed certs.I am currently using:if (path_to_lets_encrypt_certs_exists) use('/absolute/path'); else use('../local/certs'); I figure I shouldn't host the local certs to Github (self-signed). I'm not sure why, it just feels wrong, but I suppose there's nothing dangerous about it? I added the local cert path to .gitignore.I'm not sure I am handling this correctly though.This project currently requires no build process. I just node it.js to run it in dev or prod.

Submitted May 21, 2018 at 08:08PM by throw_at_work_away

No comments:

Post a Comment