Skpr provisions and deploys certificates automatically to reduce friction and improve an applications security posture.
- Development teams do not need to provision and provide Skpr with a certificate. This process can take days.
- Applications are secure by default.
- Certificates are managed by AWS ACM. This means even the Skpr platform team do not have access to the actual certificate (private key).
Each environment is provided with a default domain and certificate automatically.
- Production -
- Non Production -
Configuring an environment
As extra routes are added to an environment (see below), Skpr will automatically provision and deploy a new certificate.
ingress: routes: - example.com - www.example.com
As more routes/domains are added, developers will be required to take steps to validate new certificates.
Validating a Certificate
To check the status of a certificate, run the following command.
$ skpr info dev Certificates: -------------------------- Status: ISSUED Name: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.example.com. Type: CNAME Value: yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.yyyyyyyyyy.acm-validations.aws. Status: ISSUED Name: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.www.example.com. Type: CNAME Value: yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.yyyyyyyyyy.acm-validations.aws.
This information is then used to create DNS validation records on the required domains.
Once these records are added, they will then be validated by AWS ACM and deployed to the new environment.
Validation typically takes 30 minutes.