microsoftgraph / microsoft-graph-comms-samples

Microsoft Graph Communications Samples
MIT License

Certificate thumbprint while deploying #706

Closed vigbav36 closed 8 months ago

vigbav36 commented 9 months ago

Hi, is there any documentation or resources on how to deploy the Psi bot to any cloud service? Specifically, how do we dynamically make a container, set up certificates and use the certificate thumbprint?

Locally, we do it manually by adding it to the local machine, but how do we actually do this in a cloud deployment?

InDieTasten commented 9 months ago

You could build a container that supports ACME challenges on its own. You could have a reverse proxy that does it for you, like nginx with acme companion. Storing the certificates could be done using Azure Key Vault, volumes, managed disks or similar. If you are running on AKS, you can have a cert bot doing ACME and storing the certificate in the etcd storage.

There are many ways to receive, store and consume the certificates and many ways to run the samples and it all depends on what kind of compute offering you want to run the bot on. The handling of certificates in that sense is not special for running app hosted media bots. It has more to do with best practices surrounding cert handling for the target IaaS / PaaS offering.


If you are looking for consulting in that area, you can look up my contact details in my profile, btw.

vigbav36 commented 9 months ago

Hey, thanks for the tips, will look into it.

ssulzer commented 9 months ago

Also, a minor note: the most recent media SDK (1.27.0.2-alpha) allows the application to provide its server certificate programmatically as an X509Certificate2 object. There is a new MediaPlatformSettings.MediaPlatformInstanceSettings.Certificate API. This may be more convenient than installing the certificate in the local machine cert store.
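
An added example (not part of the thread and not the sample repository's code) of the approach in the comment above: load the server certificate from a PFX file that the platform mounts into the container and hand it to the media platform as an `X509Certificate2` instead of a store thumbprint. The environment variable names and the `BotCertificate` helper are hypothetical; the `Certificate` property is used as described in the comment for SDK 1.27.0.2-alpha.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Skype.Bots.Media;

static class BotCertificate
{
    // Loads the PFX mounted into the container (for example from a secret volume)
    // and fails fast if the certificate cannot serve as a server certificate.
    public static X509Certificate2 Load(string pfxPath, string password)
    {
        // MachineKeySet is a choice made for this example so the key import
        // does not depend on a loaded user profile inside the container.
        var cert = new X509Certificate2(pfxPath, password, X509KeyStorageFlags.MachineKeySet);

        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("PFX contains no private key.");

        // NotBefore and NotAfter are expressed in local time.
        var now = DateTime.Now;
        if (now < cert.NotBefore || now > cert.NotAfter)
            throw new InvalidOperationException(
                $"Certificate {cert.Thumbprint} is outside its validity period.");

        return cert;
    }

    public static MediaPlatformInstanceSettings BuildInstanceSettings()
    {
        // Hypothetical variable names; supply them from the orchestrator's secret store.
        var cert = Load(Require("BOT_CERT_PFX_PATH"),
                        Environment.GetEnvironmentVariable("BOT_CERT_PFX_PASSWORD"));

        // Log only the thumbprint and expiry, never the password or key material.
        Console.WriteLine($"Media certificate {cert.Thumbprint}, expires {cert.NotAfter:yyyy-MM-dd}");

        return new MediaPlatformInstanceSettings
        {
            Certificate = cert,                       // replaces CertificateThumbprint
            ServiceFqdn = Require("BOT_SERVICE_FQDN"),
            // Ports and public IP address are set as in the existing sample configuration.
        };
    }

    static string Require(string name) =>
        Environment.GetEnvironmentVariable(name)
        ?? throw new InvalidOperationException($"{name} is not set.");
}
```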

vigbav36 commented 8 months ago

Thank you everyone!