Skip to content
Snippets Groups Projects
Commit 8393f1b1 authored by Florian Sesser's avatar Florian Sesser
Browse files

Self-signed TLS key for the payment server

parent 54d20010
Branches
No related tags found
3 merge requests!97Merge staging into production,!96Merge develop into staging,!83Get the local dev env running: Add keys
Pipeline #479 passed
......@@ -48,6 +48,7 @@ Here is a Ristretto key you can use, randomly generated just now::
Generate your own like this::
[flo@la:~/PrivateStorageio]$ nix-shell
[nix-shell:~/PrivateStorageio]$ nix-shell -p zkapissuer.components.exes.PaymentServer-generate-key
[nix-shell:~/PrivateStorageio]$ PaymentServer-generate-key
SILOWzbnkBjxC1hGde9d5Q3Ir/4yLosCLEnEQGAxEQE=
......@@ -63,6 +64,13 @@ I think this will work for generating random Stripe secret keys (that our softwa
Public keys are the same but "pk_test" instead of "sk_test" ("test" is for "test mode" key that can only process pretend txns; for real txns there are keys with "live" embedded).
The ZKAPIssuer.service needs a working TLS certificate and expects it in the certbot directory for the domain you configured, in my case::
openssl req -x509 -newkey rsa:4096 -nodes -keyout privkey.pem -out cert.pem -days 3650
touch chain.pem
Move the three .pem files into the payment's server ``/var/lib/letsencrypt/live/payments.localdev/`` directory and issue a ``sudo systemctl restart zkapissuer.service``.
Use the local development environment
`````````````````````````````````````
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment