Investigate SSL cert automation

emory-libraries / cor-cm

Ansible configuration management for the COR project websites and backend resources

1 stars 0 forks source link

Investigate SSL cert automation #40

Closed rotated8 closed 2 weeks ago

rotated8 commented 1 month ago

[x] Contact Alan White to see if we can use the automation tools provided by InCommon.
[x] Explore alternatives, e.g. LetsEncrypt, evaluate time/cost

kbowaterskelly commented 1 month ago

I think this will be a spike ticket. We should allocate time to it according to what the other enhancement sprint time requirements for my tickets are.

kbowaterskelly commented 4 weeks ago

We're having an account created to use InCommon ACME automation. If this is suitable for our purposes, it will handle the majority of the certificates, otherwise Let's Encrypt can be employed. AWS certs are the bulk of the remainder and have an easy method to automate, although I believe this will end up costing some money.

kbowaterskelly commented 3 weeks ago

I'm still working on delivering MVP of certbot/ACME deployment, but that seems more like a stretch goal than anything. The provided solutions should work for us.