Secure way to use pem file on app engin

huangapple go评论92阅读模式
英文:

Secure way to use pem file on app engin

问题

我想实现一个服务,向客户端返回一个签名的URL。我正在使用这段代码作为参考signing-code-go

我考虑将文件上传并使用app.yaml将其仅提供给应用程序,类似于以下方式:

  • url: /files
    static_dir: files

在服务器内部使用pem文件的最佳和安全的方式是什么?

英文:

I want to implement a service that will return a signed URL to a client
Im using this code as reference signing-code-go .

Im thinking to upload the file as use the app.yaml to serve it to the application only something like that .

- url: /files
 static_dir: files

What will be the best and secure way to use the pem file inside the server?

答案1

得分: 2

“静态文件”是向用户提供的,正如https://cloud.google.com/appengine/docs/go/config/appconfig#Go_app_yaml_Static_file_handlers中所明确说明的那样。引用这个URL的话:

如果您有需要被应用程序代码读取的数据文件,那么这些数据文件必须是应用程序文件,并且不能与静态文件模式匹配。

采用这种方法,您只需将.pem文件与应用程序的其余部分一起上传,并在代码中将其作为本地文件进行读取。

英文:

"Static files" are served to users, as https://cloud.google.com/appengine/docs/go/config/appconfig#Go_app_yaml_Static_file_handlers makes it clear. To quote from this URL:

> If you have data files that need to be read by the application code,
> the data files must be application files, and must not be matched by a
> static file pattern.

With this approach, you'll just upload the .pem together with the rest of your application and read it from your code as a local file.

huangapple
  • 本文由 发表于 2015年3月15日 05:35:14
  • 转载请务必保留本文链接:https://go.coder-hub.com/29054483.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定