Updating Development SSL
Overview
The local development.methodgrid.com SSL certificate is a real (not self-signed) certificate.
Why a Real Certificate?
There's probably a better way of doing this and it would be worth spending some time investigating at some point, but the reason it's a real certificate is for the websockets to work locally. Without workarounds, browsers don't accept self-signed certificates for websocket connections.
See: Secure websockets with self-signed certificate
How It Works
To get around this, we create a real SSL certificate using the kubernetes staging cluster, which DNS is pointed to. The certificate is created as a secret on the cluster as part of the staging setup (see staging-setup.yml). It is updated automatically, so you don't need to do anything to update the certification, you just need to download it from the cluster and put it in the right place locally.
Updating the Certificate
There is a script in the repo that will do that for you:
The key and crt files are copied into the local docker container when the container starts (see docker-compose.yml), so if your container is running you'll have to restart it, but you won't have to rebuild.
When to Run
It is necessary to run this script whenever your local certification expires (roughly every three months).