[grpc-io] gRPC over TLS using AWS NLB?

[jdwyah]

I put the credentials in an EFS that is attached to all the instances in my ECS 
cluster. 

Then all apps just look in /efs/certs/

Only other note: be sure not to be silly like I was and try to use LetsEncrypt. 
Most other languages (java) do not have LetsEncrypt in their CA. 

-- 
You received this message because you are subscribed to the Google Groups 
"grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to grpc-io+unsubscr...@googlegroups.com.
To post to this group, send email to grpc-io@googlegroups.com.
Visit this group at https://groups.google.com/group/grpc-io.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/grpc-io/22b78f52-d465-4e7c-b069-e6e90924cb47%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[grpc-io] gRPC over TLS using AWS NLB?

['yz' via grpc.io]

We are trying to use public facing gRPC on AWS. We know that one solution 
is to use AWS ELB and do SSL offloading on ELB. But we are more inclined to 
use the new NLB which does not support SSL termination. Hence we have to 
manage the certificates on the backend servers.

Is there a good practice to manage all the certificates for the EC2 
instances? When EC2 spins up a new instance, how can we configure 
credentials automatically on it? I know this is more like a question about 
AWS, but just want to know if there are a good solution out there.

-- 
*Grab is hiring. Learn more at **https://grab.careers 
*

By communicating with Grab Inc and/or its subsidiaries, associate companies 
and jointly controlled entities (“Grab Group”), you are deemed to have 
consented to processing of your personal data as set out in the Privacy 
Notice which can be viewed at https://grab.com/privacy/

This email contains confidential information and is only for the intended 
recipient(s). If you are not the intended recipient(s), please do not 
disseminate, distribute or copy this email and notify Grab Group 
immediately if you have received this by mistake and delete this email from 
your system. Email transmission cannot be guaranteed to be secure or 
error-free as any information therein could be intercepted, corrupted, 
lost, destroyed, delayed or incomplete, or contain viruses. Grab Group do 
not accept liability for any errors or omissions in the contents of this 
email arises as a result of email transmission. All intellectual property 
rights in this email and attachments therein shall remain vested in Grab 
Group, unless otherwise provided by law.

-- 
You received this message because you are subscribed to the Google Groups 
"grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to grpc-io+unsubscr...@googlegroups.com.
To post to this group, send email to grpc-io@googlegroups.com.
Visit this group at https://groups.google.com/group/grpc-io.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/grpc-io/efc83b52-c11d-4b6d-a95b-b53eab6c74d4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.