Could I have a .key and .crt for ssl render autogenerated for me?

Could I have a .key and .crt for ssl render autogenerated for me?

Hi Nutchanon_Ninyawee,

Render automatically provisions SSL certs for custom domains pointing to services on our platform.

You can get the cert using the openssl. Eg:

MYSERVER=abc.example.com -c 'openssl s_client -servername "$MYSERVER" -connect "$MYSERVER":443     </dev/null 2>/dev/null | openssl x509 -text'

I’m assuming that the .key in your question refers to the cert’s private key. Unfortunately, we cannot handover the private key for the certificate.

If my assumption was wrong I’d love to understand your question better.

You are right. Thank you for your help.

1 Like

Does this mean mutual authentication/two-way SSL is not possible for apps hosted on render? It seems that mutual auth requires me to send the .key file along with the .cert file (based on: ssl - is client need its private key in mutual authentication - Stack Overflow)

(I’m trying to follow this: Share My Data for third-party-companies: Testing details)

Hi,

Correct, mTLS to a Render Web Service isn’t currently possible. Render manages the TLS, which is terminated before the proxy passes the request over HTTP to your instance.

Alan

This topic was automatically closed after 30 days. New replies are no longer allowed.