更新amp页RSA密钥
[英]Update amp-page RSA-Key
问题描述
I guys, 
伙计们
I have to create/update a lot of amp-page for different domains. 我必须为不同的域创建/更新很多amp页面。 So I'd like to know if I can use the same RSA-Key for all my domains or if I need to create one for each domain. 因此,我想知道是否可以对所有域使用相同的RSA密钥,或者是否需要为每个域创建一个。
thx. 谢谢。
1 个解决方案
解决方案1
0 2018-07-27 08:18:25
It is possible to re-use the RSA keys across domains. 可以跨域重用RSA密钥。 As long as the private key used to sign the request matches the key published at .well-known/amphtml/apikey.pub , the request will work. 只要用于签署请求的私钥与在.well-known/amphtml/apikey.pub发布的密钥匹配,请求就可以使用。
The keypairs can be replaced in the future. 将来可以更换密钥对。 After generating a new one, replace the public key at .well-known/amphtml/apikey.pub and sign requests with the new private key. 生成新密钥后,请替换.well-known/amphtml/apikey.pub的公共密钥,并使用新的私有密钥对请求进行签名。
As a matter of best practice, it may be worth considering using different keys. 作为最佳实践,可能值得考虑使用不同的密钥。 Consider if the set of people who have access to the private key is the same for all domains. 请考虑对于所有域而言,可以访问私钥的人员的集合是否相同。 Also that, when using the same key, if one is compromised, it will give access to all domains. 同样,当使用相同的密钥时,如果一个密钥被泄露,它将提供对所有域的访问。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.