updates
This commit is contained in:
parent
b4f91c2986
commit
c97a1819a4
@ -79,3 +79,12 @@ script in the following Linux distributions:
|
|||||||
> ``/usr/local/share/ca-certificates/``, otherwise one of these
|
> ``/usr/local/share/ca-certificates/``, otherwise one of these
|
||||||
> https://golang.org/src/crypto/x509/root_linux.go
|
> https://golang.org/src/crypto/x509/root_linux.go
|
||||||
|
|
||||||
|
### Drawbacks
|
||||||
|
|
||||||
|
- [operational] it requires self-signed CA certs shared when running multiple
|
||||||
|
Minio servers;
|
||||||
|
- [operational] every X years it requires updating the CA certificate in the
|
||||||
|
Traefik's (or any other reverse proxy) container;
|
||||||
|
- [security] the CA key will have to be spread all over the environment.
|
||||||
|
Theoretically, this could be solved by HashiCorp's Vault, but that won't be
|
||||||
|
nice & small way of running things;
|
||||||
|
Loading…
Reference in New Issue
Block a user