zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-25 12:08:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

Updated the cloudflare rotation instructions [no sandbox] (#3381)

Browse source 
* updated the cloudflare rotation instructions

* Delete unused comments

---------

Co-authored-by: Alysia Broddrick <109625347+abroddrick@users.noreply.github.com>
Co-authored-by: zandercymatics <141044360+zandercymatics@users.noreply.github.com>
Co-authored-by: Erin <121973038+erinysong@users.noreply.github.com>
This commit is contained in:
Alysia 2025-05-12 11:52:17 -07:00 committed by GitHub
parent f05907b2b3
commit 7ba86922ea
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 3 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/operations/runbooks/rotate_application_secrets.md
View file

@ -1,7 +1,7 @@
# HOWTO Rotate the Application's Secrets
========================
Secrets are read from the running environment.
Below you will find sections for each of the application secrets which can & will be changed individually and expire at different times. Secrets are read from the running environment.
Secrets are originally created with:
@ -114,9 +114,9 @@ need to be specified in the environment.
## REGISTRY_CL_ID and REGISTRY_PASSWORD
These are the login credentials for accessing the registry.
These are the login credentials for accessing the registry and they are set by Cloudflare. Cloudflare should notify us if and when registry credentials ever need to be changed.
## REGISTRY_CERT and REGISTRY_KEY and REGISTRY_KEY_PASSPHRASE
## Rotating REGISTRY_CERT, REGISTRY_KEY, and REGISTRY_KEY_PASSPHRASE for Cloudflare environments
These are the client certificate and its private key used to identify the registrar to the registry during the establishment of a TCP connection.