Mei_Sheng_Textiles/nomad_mcp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a0fc5c2bb21dd6b38b0821742e2d636c95d25949
nomad_mcp/certs
History
Nicolas Koehl a0fc5c2bb2 🔒 Configure SSL certificates for MCP network connections 
Update CA bundle configuration to enable secure HTTPS connections to internal Mei Sheng Group services. Extract and configure complete certificate chain from vault.ds.meisheng.group PKI system.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-03 17:25:39 +07:00
..
ca_chain.pem
🔒 Add SSL certificate chain for Mei Sheng Group services
2025-05-31 11:59:45 +07:00
complete_ca_bundle.pem
🔒 Configure SSL certificates for MCP network connections
2025-06-03 17:25:39 +07:00
full_chain_raw.pem
🔒 Add SSL certificate chain for Mei Sheng Group services
2025-05-31 11:59:45 +07:00
intermediate_ca.pem
🔒 Add SSL certificate chain for Mei Sheng Group services
2025-05-31 11:59:45 +07:00
mcp_full_chain.pem
🔒 Configure SSL certificates for MCP network connections
2025-06-03 17:25:39 +07:00
mei_sheng_ca_bundle.pem
🔒 Configure SSL certificates for MCP network connections
2025-06-03 17:25:39 +07:00
meisheng_ca_bundle.pem
🔒 Add SSL certificate chain for Mei Sheng Group services
2025-05-31 11:59:45 +07:00
README.md
📝 Update SSL documentation with auto-renewal information
2025-05-31 12:02:28 +07:00
root_ca.pem
🔒 Add SSL certificate chain for Mei Sheng Group services
2025-05-31 11:59:45 +07:00
server_cert.pem
🔒 Add SSL certificate chain for Mei Sheng Group services
2025-05-31 11:59:45 +07:00
test_ssl.py
🔒 Add SSL certificate chain for Mei Sheng Group services
2025-05-31 11:59:45 +07:00

README.md

Mei Sheng Group SSL Certificates

This folder contains the SSL certificate chain for Mei Sheng Group internal services.

🔄 Auto-Renewal: Server certificates are automatically renewed every 24 hours, but the CA chain remains stable and trustworthy for long-term use.

Certificate Chain

  1. Intermediate CA: Mei_Sheng_Group_Intermediate_CA_02

    • File: intermediate_ca.pem, meisheng_ca_bundle.pem
    • Valid: Sep 14, 2020 - Sep 13, 2025
    • Issuer: Mei_Sheng_Group_RootCA

  2. Server Certificate: *.dev.meisheng.group

    • File: server_cert.pem
    • Valid: May 30, 2025 - May 31, 2025 (expires soon!)
    • Covers: gitea.dev.meisheng.group, nomad_mcp.dev.meisheng.group

Usage

For Python Applications

Use the CA bundle to verify SSL connections:

import requests

# Use the CA bundle for requests
response = requests.get(
    'https://gitea.dev.meisheng.group',
    verify='/path/to/certs/meisheng_ca_bundle.pem'
)

For curl

curl --cacert certs/meisheng_ca_bundle.pem https://gitea.dev.meisheng.group

For Git

# Configure git to use the CA bundle
git config http.sslCAInfo /path/to/certs/meisheng_ca_bundle.pem

For MCP/Claude Code

Add to environment variables:

export REQUESTS_CA_BUNDLE=/path/to/certs/meisheng_ca_bundle.pem
export SSL_CERT_FILE=/path/to/certs/meisheng_ca_bundle.pem

Certificate Renewal

Automatic Renewal: Server certificates are automatically renewed every 24 hours by the Mei Sheng Group certificate management system.

📋 Certificate Details:

  • CA Chain: Stable and can be trusted long-term
  • Server Certificates: Auto-renewed daily (expires every ~24h)
  • Intermediate CA: Valid until Sep 13, 2025
  • Root CA: Managed by Mei Sheng Group PKI infrastructure

System Trust Store (Optional)

To install the CA in the system trust store:

macOS

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain certs/meisheng_ca_bundle.pem

Linux

sudo cp certs/meisheng_ca_bundle.pem /usr/local/share/ca-certificates/meisheng-ca.crt
sudo update-ca-certificates