dashpay / platform

L2 solution for seriously fast decentralized applications for the Dash network
https://dashplatform.readme.io/docs/introduction-what-is-dash-platform
MIT License
71 stars 39 forks source link

Storing ssl certificates in a configuration file config.json #2027

Closed konlag closed 1 month ago

konlag commented 3 months ago

Storing ssl certificates in a configuration file config.json

Add function to dashmate setup, where the path to the certificate location will not be specified, keys will be entered instead

Example:

ssl: { enabled: false, provider: 'zerossl', providerConfigs: { zerossl: { apiKey: null, id: null } }, file: { key: 'KEY', bundle: 'bundle' } }

qwizzie commented 3 months ago

Is this not already the case with config.json ? (under mainnet section !)

Knipsel

This is through the Zero SSL methode during dashmate setup, where users feed dashmate the zerossl api key after which dashmate will create a zero ssl cert and store the zero ssl api key and id in config.json and the ssl-related files in .dashmate/mainnet/platform/gateway/ssl/

Edit : aha, you want to expand the ssl related fields in config.json to include ssl cert info from the actual ssl-related files (bundle.crt & csr.pem (?) & private.key).

mrssv commented 3 months ago

Is there a way to indicate key and certificate file using dashmate commands? It is possible to set ZeroSSL this way: dashmate config set platform.gateway.ssl.provider zerossl --config main dashmate config set platform.gateway.ssl.providerConfigs.zerossl.apiKey xxxxxxxxxxxxxxxxxxxx --config main

If i have self-signed certificate can i set it same way and what commands are needed for it? I did not find any option for this in code.

pshenmic commented 3 months ago

It is there in the setup, where you can supply your own keys bundle instead of zerossl. However, self signed certificates will not work, because you will need an certified IP Address certificate for the correct work of DAPI service.

image


image

In case you want to switch from zerossl after you have already set it up, you can copy your cert files manually in the directory

~/.dashmate/mainnet/platform/gateway/ssl/bundle.crt
~/.dashmate/mainnet/platform/gateway/ssl/private.key

and do

dashmate config set platform.gateway.ssl.provider file

Let me know if that worked for you

konlag commented 3 months ago

I have the option to issue my own certificates thawte (not self-signed). I don't want to pay zerossl

It would be nice to specify the certificate in the config file, not just the path to the certificate....

mrssv commented 2 months ago

It is there in the setup, where you can supply your own keys bundle instead of zerossl. However, self signed certificates will not work, because you will need an certified IP Address certificate for the correct work of DAPI service.

image image

In case you want to switch from zerossl after you have already set it up, you can copy your cert files manually in the directory

~/.dashmate/mainnet/platform/gateway/ssl/bundle.crt
~/.dashmate/mainnet/platform/gateway/ssl/private.key

and do

dashmate config set platform.gateway.ssl.provider file

Let me know if that worked for you

Exactly, the 2nd option is what I was looking for. It worked. Thank you very much!