📝 Update SSL documentation with auto-renewal information

- Document 24-hour automatic certificate renewal
- Clarify that CA chain is stable and trustworthy long-term
- Update security considerations with SSL trust setup
- Provide clear guidance for long-term certificate trust

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
2025-05-31 12:02:28 +07:00
parent bc67c9f502
commit 53bee3340f
2 changed files with 26 additions and 1 deletions

View File

@ -2,6 +2,8 @@
This folder contains the SSL certificate chain for Mei Sheng Group internal services.
🔄 **Auto-Renewal**: Server certificates are automatically renewed every 24 hours, but the CA chain remains stable and trustworthy for long-term use.
## Certificate Chain
1. **Intermediate CA**: `Mei_Sheng_Group_Intermediate_CA_02`
@ -54,7 +56,13 @@ export SSL_CERT_FILE=/path/to/certs/meisheng_ca_bundle.pem
## Certificate Renewal
⚠️ **Important**: The server certificate expires on May 31, 2025. It needs to be renewed soon.
**Automatic Renewal**: Server certificates are automatically renewed every 24 hours by the Mei Sheng Group certificate management system.
📋 **Certificate Details**:
- **CA Chain**: Stable and can be trusted long-term
- **Server Certificates**: Auto-renewed daily (expires every ~24h)
- **Intermediate CA**: Valid until Sep 13, 2025
- **Root CA**: Managed by Mei Sheng Group PKI infrastructure
## System Trust Store (Optional)