connaisseur icon indicating copy to clipboard operation
connaisseur copied to clipboard

Published 20 hours ago verified publisher icon sse-secure-systems

Make Connaisseur TLS certificate configurable

Open xopham opened this issue 3 years ago • 2 comments

Describe the feature Currently, Connaisseur generates a self-signed certificate for communication. This should be made configurable via helm/values.yaml to e.g. provide a cert or reference a corresponding secret.

Optional: Is your feature request related to a problem? Please describe. There are situations in which the self-signed certificate may not work and a cert might have to be provided externally. Also, how would Connaisseur work with solutions such as istio and 2-way TLS?

Optional: Implementation ideas There should be a configuration option in helm/values.yaml under deployment. That might allow several configurations:

  • configure certificate or use self-signed (probably use self-signed if not provided otherwise)
  • should cert be used at all (considering the istio case) and further configuration options
  • configure cert directly or via secret (probably the latter would be best)

Optional: Additional context

  • see also #224 for more information.
  • make sure to also check implications for #181 related issues

xopham avatar Aug 05 '21 11:08 xopham

Resolved by #437

xopham avatar Mar 04 '22 09:03 xopham

re-opening as not actually resolved.

xopham avatar Mar 04 '22 09:03 xopham