Project

General

Profile

Actions

Architecture #26942

open

Add new settings to handle certificate trust

Added by Benoît PECCATTE about 2 months ago. Updated 7 days ago.

Status:
Pending release
Priority:
N/A
Category:
Web - Config management
Target version:
Effort required:
Name check:
To do
Fix check:
To do
Regression:
No

Description

Add 2 new settings in rudder-web.properties that will be generated into 3 new values in policy's rudder.json files.
Here are what the 2 generated values must look like :

  • POLICY_SERVER_CERT_NAME_VALIDATION: boolean, default false
  • POLICY_SERVER_CERT_CA: pem certificate, default empty

Chabge 1 generated property to match

  • POLICY_SERVER_KEY_HASH: list of key hashes, in the form "sha256//Pxjkq/Qlp02j8Q3ti3M1khEaUTL7Dxcz8sLOfGcg5rQ=;sha256//..."

Subtasks 2 (2 open0 closed)

Architecture #26950: Handle certificate trust in rudder-clientPending releaseAlexis MoussetActions
Architecture #26975: Generate rudder-client certificate authority before any rudder-client callPending releaseAlexis MoussetActions
Actions

Also available in: Atom PDF