Developer
Search…
πŸ“
Certificates
For information on creating certificates please consult the following documentation here certificates.
With the certificate at hand, the gateway has the following options to start as a https servers;
1
--tls-certificate= the certificate to use for secure connections [$TLS_CERTIFICATE]
2
--tls-key= the private key to use for secure connections [$TLS_PRIVATE_KEY]
3
--web-server-tls-certificate= the certificate to use for web server secure connections
4
--web-server-tls-key= the private key to use for web server secure connections
Copied!
    --tls-certificate takes a path to a certificate file (public.crt in this document) and --tls-key takes a path to a private key file (private.key in the document; note that it must be created without a password). Both the private key and certificate files are required in the gateway. These parameters can also be specified through environment variables TLS_CERTIFICATE and TLS_PRIVATE_KEY instead of being given through options.
    --web-server-tls-certificate and --web-server-tls-key are for hosting web sites. Both are required only if you want to host web sites with https.
1
[email protected]:~/gateway/linux-amd64# ./gateway --metadata-server=metadata.staging.storewise.tech:443 --username=storewise --password=helloworld --access-key-id=585b7de01f04b22ce2c92c1f53adca268ab0c060 --secret-access-key=Io7LS3kov2f0hRJibEkQ9OeNNNgvPuWCNxW4oHwd --verbose --tls-certificate=public.crt --tls-key=private.key
2
2020-07-22T17:58:18.458Z DEBUG gateway/main.go:110 signing in to StoreWise
3
2020-07-22T17:58:18.769Z DEBUG gateway/main.go:121 initializing connections to metadata server
4
2020-07-22T17:58:18.769Z DEBUG gateway/main.go:129 initializing a storage service
5
2020-07-22T17:58:18.769Z DEBUG gateway/main.go:139 initializing a database service
6
2020-07-22T17:58:18.769Z DEBUG gateway/main.go:150 initializing an account manager
7
2020-07-22T17:58:18.769Z DEBUG gateway/main.go:153 initializing a transaction recorder
8
2020-07-22T17:58:18.769Z DEBUG gateway/main.go:156 initializing the API server
9
2020-07-22T17:58:18.770Z DEBUG grpc/connection.go:109 waiting until the current token expires {"duration": "59m59.999300351s"}
10
2020-07-22T17:58:18.770Z INFO gateway/main.go:199 web server is listening {"address": ":9300"}
11
2020-07-22T17:58:18.770Z INFO gateway/main.go:175 start listening with TLS {"address": ":9200", "version": "v0.4.9", "date": "2020-07-07 13:12:46"}
Copied!
For self-signed certificates not signed by a authorized issuer --no-verify-ssl should be used when communicating with the aws-cli. This will bypass the SSL verification. For further information see reference here. This step is not necessary for certificates signed by any authorized issuers.
Last modified 1yr ago
Copy link