freeipa-issuer
freeipa-issuer copied to clipboard
guilhem
A cert-manager external issuer for FreeIPA
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0. Commits b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams 88194ad go.mod: update golang.org/x dependencies 2b60a61 quic: fix several bugs in flow control accounting 73d82ef...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.11.0 to 1.11.1. Release notes Sourced from github.com/prometheus/client_golang's releases. 1.11.1 / 2022-02-15 [SECURITY FIX] promhttp: Check validity of method and code label values prometheus/client_golang#987 (Addressed CVE-2022-21698) What's...
freeipa.go code uses low level http.transport which doesn't follow redirects https://github.com/guilhem/freeipa-issuer/blob/master/provisionners/freeipa.go#L32 https://github.com/golang/go/blob/master/src/net/http/transport.go#L71 So when it tries to connect IPA server via unencrypted HTTP and by chance gets redirested to https://ipa.beer.best/ipa/session/login_password...
My setup has an extra certificate profile `caIPAserviceCertWild` for issuing wildcard certificates. The way this works is that a certificate request is made for a service `HTTP/apps.ocp.example.qq`. The certificate profile...
IPA certificate chain error in manager logs, I get an error: "**error": "unexpected value of CertificateChain field: [map [__ base64__**" IPA version: 4.9.6
``` error: error validating "10-cert-manager/issuer.yml": error validating data: ValidationError(ClusterIssuer.spec): unknown field "ignoreError" in org.freeipa.certmanager.v1beta1.ClusterIssuer.spec; if you choose to ignore these errors, turn validation off with --validate=false ``` The Cluster Issuer...
I would like to use and test this project though it would be great if I can install it on my multi-arch cluster. In order to do that it looks...
In samples/secret.yaml , should I be replacing the "b64value" for user and password with the base64 encoded version of a FreeIPA user who has permissions to generate certificates? Do they...
When creating an issuer with the `addHost` option set to false I am not able to successfully issue a certificate. This is because by default by default to create a...