Title
#fleet
Bacarus

Bacarus

02/09/2022, 9:53 AM
Hey guys, I’m reading the doc and in Server installation there is a command used to generate a valid TLS certificate and key for running the Fleet server (self-signed certificate). According to the issue (about TLS performance) ECDSA should be used in order to have better performance. I’ve never used ECDSA before, is the openssl command mentioned in the doc ok? if not, can you suggest me the right command to use ECDSA? (maybe an hint to the documentation can be useful) Thank you for your time
Benjamin Edwards

Benjamin Edwards

02/09/2022, 11:57 AM
Hey Bacarus, indeed we have noticed this issue in high load environments. In those scenarios it might even be preferred to run a dedicated load balancer where TLS termination happens, for example Nginx. Otherwise generating an elliptic curve key:https://security.stackexchange.com/questions/58077/generating-ecdsa-certificate-and-private-key-in-one-step Updating the docs sounds like a great idea.