cockpit-certificates
cockpit-certificates copied to clipboard
cockpit-project
Support for Let's Encrypt
Is Let's Encrypt support a possibility?
IPA doesn't seem to work here.
Cheers!
I believe it could be possible. Although it would require a lot of work to integrate a different set of APIs all throughout the project. So certainly this is a big scope request.
We have basically all of the APIs endpoints which we use listed in wrappers in here: https://github.com/cockpit-project/cockpit-certificates/blob/master/src/dbus.js
So I would start by writing similar wrappers, which however would call certbot instead of certmonger, and probably thru CLI since it seems certbot doesn't have dbus APIs.
But otherwise, the certbot is quite similar to certmonger with its CLI options:
"certbot run" (request), "certbot renew", "certbot revoke", "certbot delete"....
I don't see anything blocking this feature, it's certainly possible, but quite a big scope.
I believe it could be possible. Although it would require a lot of work to integrate a different set of APIs all throughout the project. So certainly this is a big scope request. We have basically all of the APIs endpoints which we use listed in wrappers in here: https://github.com/cockpit-project/cockpit-certificates/blob/master/src/dbus.js So I would start by writing similar wrappers, which however would call
certbotinstead ofcertmonger, and probably thru CLI since it seems certbot doesn't have dbus APIs. But otherwise, the certbot is quite similar to certmonger with its CLI options: "certbot run" (request), "certbot renew", "certbot revoke", "certbot delete"....I don't see anything blocking this feature, it's certainly possible, but quite a big scope.
Actually FreeIPA has fairly recently gained the capacity to utilise the "ACME" protocol. It's this protocol which Let's Encrypt and several other Certificate Authorities (CA) utilise for certificate activities.
Actually FreeIPA has fairly recently gained the capacity to utilise the "ACME" protocol. It's this protocol which Let's Encrypt and several other Certificate Authorities (CA) utilise for certificate activities.
What work would it take to implement this @MrGrymReaper @skobyda?
