bosh-lite icon indicating copy to clipboard operation
bosh-lite copied to clipboard

Published 20 hours ago verified publisher icon cloudfoundry-attic

add self-signed certs for *.bosh-lite.com

Open zrob opened this issue 8 years ago • 6 comments

this allows releases to be deployed using a known ca so they can do ssl with proper cert verification

Signed-off-by: Zach Robinson [email protected]

zrob avatar Nov 07 '16 23:11 zrob

Hey zrob!

Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA.

cfdreddbot avatar Nov 07 '16 23:11 cfdreddbot

I think this already should work when executing something like gobosh -e 192-168-50-4.sslip.io --user admin --password admin --ca-cert ca/certs/ca.crt ... - does this PR add something more than that?

dpb587-pivotal avatar Nov 29 '16 00:11 dpb587-pivotal

This puts the ca into the default cert store for each "vm" that the director creates so that jobs in a deploy can trust each other using certs signed by that ca. Is the ca cert you reference available on all "vms" or is it just the director ca?

If it's available on every vm then it would work.

zrob avatar Nov 29 '16 02:11 zrob

@dpb587-pivotal ping

zrob avatar Nov 30 '16 18:11 zrob

@dpb587-pivotal ping

zrob avatar Dec 05 '16 23:12 zrob

@zrob pipeline for bosh-lite is busted hence no update. it's not trivial to fix it so it's taking time.

cppforlife avatar Dec 05 '16 23:12 cppforlife