mirror of
https://github.com/google/nomulus.git
synced 2025-05-02 04:57:51 +02:00
628aacd754
The server certificates and corresponding keys are encrypted by KMS and stored on GCS. This allows us to easily replace expiring certs without having to roll out a new proxy release. However currently the certificate is obtained as a singleton and used in all connections served by a proxy instance. This means that if we were to upload a new cert, all existing instances will not use it. This CL makes it so that we only cache the certificate for 30 min, after which a new cert is fetched and decrypted. Local certificates used for testing are still singletons. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=206976318 |
||
|---|---|---|
| .. | ||
| default-config.yaml | ||
| proxy-config-alpha.yaml | ||
| proxy-config-local.yaml | ||
| proxy-config-production-canary.yaml | ||
| proxy-config-production.yaml | ||
| proxy-config-sandbox-canary.yaml | ||
| proxy-config-sandbox.yaml | ||