Mei_Sheng_Textiles/nomad_mcp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

📝 Update SSL documentation with auto-renewal information

Browse Source 
- Document 24-hour automatic certificate renewal
- Clarify that CA chain is stable and trustworthy long-term
- Update security considerations with SSL trust setup
- Provide clear guidance for long-term certificate trust

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Nicolas Koehl
2025-05-31 12:02:28 +07:00
parent bc67c9f502
commit 53bee3340f
2 changed files with 26 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
MCP_INTEGRATION.md
View File

@ -271,6 +271,23 @@ When deploying MCP servers on the network:
5. **Rate limiting** to prevent abuse
6. **Audit logging** for all MCP operations
### SSL Certificate Trust
For Mei Sheng Group internal services:
1. **Use the provided CA bundle** in `/certs/meisheng_ca_bundle.pem`
2. **Automatic certificate renewal** - Server certificates renew every 24 hours
3. **Stable CA chain** - The certificate authority chain can be trusted long-term
4. **Environment configuration** - Source `.env.ssl` for proper SSL verification
```bash
# Configure SSL trust for development
source .env.ssl
# Test SSL connections
uv run python certs/test_ssl.py
```
### Recommended Network Architecture
```

10
certs/README.md
View File

@ -2,6 +2,8 @@
This folder contains the SSL certificate chain for Mei Sheng Group internal services.
🔄 **Auto-Renewal**: Server certificates are automatically renewed every 24 hours, but the CA chain remains stable and trustworthy for long-term use.
## Certificate Chain
1. **Intermediate CA**: `Mei_Sheng_Group_Intermediate_CA_02`
@ -54,7 +56,13 @@ export SSL_CERT_FILE=/path/to/certs/meisheng_ca_bundle.pem
## Certificate Renewal
⚠️ **Important**: The server certificate expires on May 31, 2025. It needs to be renewed soon.
**Automatic Renewal**: Server certificates are automatically renewed every 24 hours by the Mei Sheng Group certificate management system.
📋 **Certificate Details**:
- **CA Chain**: Stable and can be trusted long-term
- **Server Certificates**: Auto-renewed daily (expires every ~24h)
- **Intermediate CA**: Valid until Sep 13, 2025
- **Root CA**: Managed by Mei Sheng Group PKI infrastructure
## System Trust Store (Optional)