Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support loading key stores from PEM files #151

Open
jroper opened this issue Jan 9, 2019 · 0 comments
Open

Support loading key stores from PEM files #151

jroper opened this issue Jan 9, 2019 · 0 comments
Labels
status:backlog

Comments

@jroper
Copy link
Member

jroper commented Jan 9, 2019

Currently, only trust stores can be effectively loaded from PEM files, since the PEM loader only attempts to load certificates, it does not attempt to load any private keys. However, consider a platform like Kubernetes, where both the certificate, and the server key, are provided to a pod in PEM format. Currently to load that into ssl-config, you need to first convert these into a PKCS12 or JKS key store, which is typically done using an init container with openssl installed, and is a significant amount of extra configuration and deployment complexity. If ssl-config could load the private key in PEM format too, then the supplied certificate and key could be consumed directly by ssl-config with no preprocessing step necessary.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status:backlog
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jroper @dwijnand