[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [MirageOS-devel] TLS on Xen
On 15 Jan 2015, at 19:32, Thomas Leonard <talex5@xxxxxxxxx> wrote: > > On 15 January 2015 at 17:58, Thomas Gazagnaire <thomas@xxxxxxxxxxxxxx> wrote: >>> - It would be good if you could configure an https server directly in >>> config.ml. Currently, the need to configure it with a certificate and >>> private key means this step has to go in the unikernel. >> >> would it be possible to do something like for the IP address where we write >> the IP address in config.ml and then generate main.ml with the same IP >> printed in (ie. we "lift" the IP value from the configuration language to >> the main program)? Is there a way to print a server configuration as a >> string which can be interpreted as an OCaml value? > > What's the recommended way to store the private key? I don't want it > in config.ml because that's part of the source repository. I could > load it there. I can't deploy via a public GitHub repository if the > binary contains the key, so maybe it should be stored on a block > device? At the risk of abusing XenStore too much, it could also be written there with suitably constrained permissions. It would still need to be a block device for normal cloud providers though. -anil _______________________________________________ MirageOS-devel mailing list MirageOS-devel@xxxxxxxxxxxxxxxxxxxx http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |