by codetrotter 1685 days ago
Committing private keys is definitely the wrong thing to do. But if the system is talking to something, then generating new keys won’t help either. What you need is some kind of system to deploy or retrieve secrets. There are various different solutions that exist for this.
1 comments

And the system for deploying or retrieving secrets itself needs secrets to authenticate with the secrets manager.

Or you generate them on the fly at deployment so that they only exist ephemerally outside the deployment site.