TechQA.

IBM Cloud Secrets Manager: Which Lets Encrypt environment to target?

160 views Asked by At

We currently have a cert manager instance in IBM Cloud and have certificates ordered via Lets Encrypt and using the certs with our client to site vpn service . As the cert manager is getting deprecated in favour of secrets manager , we plan to create public engine in Secret manager using same Lets Encrypt CA.

In the ACME creation tool, we have the option of tageting Let's Encrypt prod and staging. Can anyone throw light on which target needs to be chosen?

https://github.com/ibm-cloud-security/acme-account-creation-tool#supported-certificate-authorities

Also, once LE is integrated with Secrets manager , will the certificates be able to be auto renewed?

ibm-cloud lets-encrypt ibm-secrets-manager
Original Q&A
1

There are 1 answers

3
data_henrik On
  • LE staging is for testing your setup. Once everything works you should use production. See https://letsencrypt.org/docs/staging-environment
  • Secrets Manager supports secrets rotation, including automatic renewal of certificates. Some conditions must be met. I recommend to check "Automatically rotating secrets" in the Secrets Manager documentation. I have not tested it, but from reading it, LE is supported with domain validation.

Related Questions in IBM-CLOUD

Related Questions in LETS-ENCRYPT

Related Questions in IBM-SECRETS-MANAGER

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions