02/09/2022, 9:53 AM
Hey guys, I’m reading the doc and in Server installation there is a command used to generate a valid TLS certificate and key for running the Fleet server (self-signed certificate). According to the issue (about TLS performance) ECDSA should be used in order to have better performance. I’ve never used ECDSA before, is the openssl command mentioned in the doc ok? if not, can you suggest me the right command to use ECDSA? (maybe an hint to the documentation can be useful) Thank you for your time

Benjamin Edwards

02/09/2022, 11:57 AM
Hey Bacarus, indeed we have noticed this issue in high load environments. In those scenarios it might even be preferred to run a dedicated load balancer where TLS termination happens, for example Nginx. Otherwise generating an elliptic curve key: Updating the docs sounds like a great idea.
:ty: 1
🙏 1