Question
How to Obtain CA certificate for an app deployed in DigitalOcean?
- Posted on January 25, 2023
- DeploymentDigitalOcean App Platform
Asked by Sivagamasundari
I have hosted a flask application in DigitalOcean as an app. Now to connect a client with this server through TLS, I am in need of installing the CA certificate of the server in client side. This client requires the server endpoint, port and root CA certificate for communicating securely with TLS.
So, now how do I get the CA for my app here?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hollie's Hub for Good
Working on improving health and education, reducing inequality, and spurring economic growth? We’d like to help.
Hello @sivagamasundari
You can add the contents of a certificate or file as an environment variable and then save that value to disk using build or run time commands.
For example, MongoDB requires a Certificate Authority (CA) certificate for clients to connect to a cluster, and most MongoDB clients require the certificate to be a file on disk. You can work around the injection limitation by creating an environment variable, such as
MONGO_CA_CERT=${db.CA_CERT}, during the app’s creation process or by updating its settings. Then, you can add a command to the app that creates the certificate file upon runtime, such asecho $MONGO_CA_CERT > ca_cert.cert && <original run command>. App Platform requires the original run time command to start the app upon runtime.https://docs.digitalocean.com/products/app-platform/how-to/use-environment-variables/
Hope that this helps!