想請問:
Web server 的SSL 憑證位置能否指定到storage server?
例:
certificate 位置:\\192.168.0.3\certificate\certificate.crt
key 位置:\\192.168.0.3\certificate\private.key
apache憑證設定
sslcertificatefile \\192.168.0.3\certificate\certificate.crt
SSLCertificateKeyFile \\192.168.0.3\certificate\private.key
nginx憑證設定
ssl_certificate \\192.168.0.3\certificate\certificate.crt;
ssl_certificate_key \\192.168.0.3\certificate\private.key;
node.js code:
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('\\192.168.0.3\certificate\certificate.crt'),
cert: fs.readFileSync('\\192.168.0.3\certificate\private.key')
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end('hello world\n');
}).listen(443,'0.0.0.0');
諸如此類得設定方式或替代方案
會需要這種設定的原因:
需要將另一方程式以docker image(或其他方式)放到我的server上運行,並使用我的domain name docker-01.example.com
,而example.com
已部署HSTS原則,且不可能將憑證傳送給另一方。