autocert
autocert copied to clipboard
smallstep
Add support for P12 and PEM formats in bootstrapper and renewer
- Introduce P12 and PEM environment variables in Dockerfiles
- Generate P12 and PEM files in bootstrapper.sh
- Update ownership and permissions for new files
- Modify renewer Dockerfile to use new environment variables
- Add renewerexec.sh script to handle renewal with new formats
Name of feature:
Introduce P12 and PEM environment variables, certificate generation, and renewal handling in Dockerfiles and scripts.
Pain or issue this feature alleviates:
This feature automates the management of P12 and PEM certificate formats in Dockerized environments, ensuring proper handling of SSL/TLS certificates. It simplifies certificate renewal and integration into the containerized application for prisma.io (requires p12 certificate for postgresql), pem certificate for mongodb
Why is this important to the project (if not answered above):
Becouse we are using prisma.io and payloadcms with SSL database connections.
Is there documentation on how to use this feature? If so, where?
Example for mongodb: tls=true&tlsCertificateKeyFile=/var/run/autocert.step.sm/site.pem&tlsCAFile=/var/run/autocert.step.sm/root.crt&authSource=$external&authMechanism=MONGODB-X509"
Example for prisma + postgesql: sslmode=require&sslcert=/var/run/autocert.step.sm/root.crt&sslidentity=/var/run/autocert.step.sm/site.p12
In what environments or workflows is this feature supported?
This feature is supported in any Docker-based environments where certificates need to be generated and renewed, particularly in secure production, staging, and development environments.
In what environments or workflows is this feature explicitly NOT supported (if any)?
N/A
Supporting links/other PRs/issues:
N/A
