You can use the content of this repository to leverage the Open Policy Agent (https://www.openpolicyagent.org/) for cloud foundry environments. If offers runtime support to make calls to the open policy server from a CF application and support to manage and distribute Open Policy Agent bundles.
Apache License 2.0
5
stars
6
forks
source link
Check identity cert validity before DCL upload #42
Check the expiry date of the identity certificate before the DCL upload. It is used to establish a mTLS connection to the ams-server.
For bindings created with X509_GENERATED the cert is only valid 30 days.
Trying to use an expired cert might cause errors which the consumer does not understand at first glance: TLS handshake failed
At least an information should be printed which certificate is implicitly used to establish the mTLS connection and what has to be renewed.
Check the expiry date of the identity certificate before the DCL upload. It is used to establish a mTLS connection to the ams-server.
For bindings created with
X509_GENERATED
the cert is only valid 30 days. Trying to use an expired cert might cause errors which the consumer does not understand at first glance:TLS handshake failed
At least an information should be printed which certificate is implicitly used to establish the mTLS connection and what has to be renewed.