add hint about encrypted backups for SSL private keys
This commit is contained in:
@@ -49,7 +49,7 @@ DigiCert will send an email including instructions on how to download the certif
|
||||
|
||||
Our teams practice is to always create a new private key and to back it up encrypted in Gitlab, either
|
||||
- in Hiera as [EYAML](https://linux.psi.ch/admin-guide/puppet/hiera.html#secret-values)
|
||||
- for central infrastructure hosts in their [bootstrap repository](https://git.psi.ch/linux-infra/bootstrap)
|
||||
- for central infrastructure hosts GPG encrypted in their [bootstrap repository](https://git.psi.ch/linux-infra/bootstrap)
|
||||
- for the rest in our [team secret store](https://git.psi.ch/linux-infra/core-linux-secrets)
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user