updates
This commit is contained in:
parent
b4f91c2986
commit
c97a1819a4
GPG Key ID:
9076D5E6B31AE99C
@ -79,3 +79,12 @@ script in the following Linux distributions:
|
||||
> ``/usr/local/share/ca-certificates/``, otherwise one of these
|
||||
> https://golang.org/src/crypto/x509/root_linux.go
|
||||
|
||||
### Drawbacks
|
||||
|
||||
- [operational] it requires self-signed CA certs shared when running multiple
|
||||
Minio servers;
|
||||
- [operational] every X years it requires updating the CA certificate in the
|
||||
Traefik's (or any other reverse proxy) container;
|
||||
- [security] the CA key will have to be spread all over the environment.
|
||||
Theoretically, this could be solved by HashiCorp's Vault, but that won't be
|
||||
nice & small way of running things;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user