cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rafael Weingärtner <rafaelweingart...@gmail.com>
Subject Re: SSL - LetsEncrypt the Console Proxy
Date Fri, 18 Jan 2019 22:30:49 GMT
I do think it is an interesting integration to have. However, as Wido
pointed out, I do not think that it is that easy to code. Moreover, we
still need to enable people to use the current model.

One thing that I was thinking while reading this e-mail is the integration
of the ACS CA framework with Let’s encrypt. By doing that, we would be able
to generate valid certificates.

Thanks for the idea! Maybe someone implements it in the future. Could you
open an issue for it?

On Fri, Jan 18, 2019 at 2:37 PM Wido den Hollander <wido@widodh.nl> wrote:

> Hi,
>
> On 1/18/19 4:41 AM, asender@testlabs.com.au wrote:
> > Hi Guys,
> >
> > Many people are using letsencrypt. This could replace the old retired
> > realhostip.com DNS resolver . Noone would need to muck around with certs
> > again on the console proxy.
> >
> > I think it would be a fairly easy code change.
> >
> > Thoughts?
> >
>
> Will this work in all cases? It doesn't seem like a very easy change to
> me. Yes, it would work with the HTTP ACME client, but only if you are
> connected to the Internet with the CP.
>
> The change might be easy, I don't know actually. Sounds like more work
> as the Java code will need to talk to LE and request the certificate and
> install it.
>
> Wido
>
> > Adrian Sender
>


-- 
Rafael Weingärtner

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message