📝 Update SSL documentation with auto-renewal information

- Document 24-hour automatic certificate renewal - Clarify that CA chain is stable and trustworthy long-term - Update security considerations with SSL trust setup - Provide clear guidance for long-term certificate trust 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-05-31 12:02:28 +07:00
parent bc67c9f502
commit 53bee3340f
2 changed files with 26 additions and 1 deletions
--- a/MCP_INTEGRATION.md
+++ b/MCP_INTEGRATION.md
@ -271,6 +271,23 @@ When deploying MCP servers on the network:
 5. **Rate limiting** to prevent abuse
 6. **Audit logging** for all MCP operations

+### SSL Certificate Trust
+
+For Mei Sheng Group internal services:
+
+1. **Use the provided CA bundle** in `/certs/meisheng_ca_bundle.pem`
+2. **Automatic certificate renewal** - Server certificates renew every 24 hours
+3. **Stable CA chain** - The certificate authority chain can be trusted long-term
+4. **Environment configuration** - Source `.env.ssl` for proper SSL verification
+
+```bash
+# Configure SSL trust for development
+source .env.ssl
+
+# Test SSL connections
+uv run python certs/test_ssl.py
+```
+
 ### Recommended Network Architecture

 ```