3

Our product is running postfix and nginx as docker services. We initially deploy with a self-signed cert that is named <our-company>.com.cert along with a .pem and .key. These are mounted as a volume which is shared for both services. It is expected that an end user would upload their own cert when deploying the application within their network. Our existing implementation renames whatever is uploaded by the user to match our default cert names. This allows us to overwrite the certs, then bounce the service without having to update any service config.

In a customer network, the hostname will not be our company's domain. All of the doc I've been able to find reference the common name or SAN, which I believe is baked into the file itself. However, the examples consistently show the cert filename matching the domain name. Is this just a convention, or does the filename actually matter?

Improve this question

1 Answer 1

Reset to default
5

The name of the files does not matter at all, only its content. What matters is that the path in the configuration matches the actual path on disk so that the files can be accessed. Of course, if the file names suggest a different content than what is actually in the file then it will be confusing for a human looking at the configuration.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .