Open ubuntu-server-builder opened 1 year ago
Launchpad user Ryan Harper(raharper) wrote on 2020-03-02T23:00:12.468614+00:00
Hi,
Thanks for filing this bug. Would you be interested in contributing to cloud-init?
https://cloudinit.readthedocs.io/en/latest/topics/hacking.html
Launchpad user Graham Leggett(minfrin) wrote on 2020-03-05T12:39:06.585992+00:00
I have very basic python skills, so this may take a while.
In the mean time I have been fixing certmonger itself, as it contains a number of limitations that prevent it being possible to issue certs from private CAs.
This bug was originally filed in Launchpad as LP: #1865352
Launchpad details
Launchpad user Graham Leggett(minfrin) wrote on 2020-03-01T15:47:50.893892+00:00
This is a request to integrate certmonger with cloud-init, such that certificates can be requested and provisioned as part of the initialisation process.
Possible sample configuration:
certs: Redwax Interop: type: scep url: http://interop.redwax.eu/test/simple/scep requests:
and so on, corresponding to the following commands:
getcert add-scep-ca -c "Redwax Interop" -u http://interop.redwax.eu/test/simple/scep getcert request -f /etc/pki/interop/test.example.com.cert -k /etc/pki/interop/test.example.com.key -c "Redwax Interop" -I test.example.com -D test.example.com -G rsa -g 4096 -u digitalSignature -u keyEncipherment -L challenge