Skip to content

Add support for P12 and PEM formats in bootstrapper and renewer #294

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add support for P12 and PEM formats in bootstrapper and renewer #294

wants to merge 1 commit into from
+18 −7

Conversation

slavb18
Copy link

@slavb18 slavb18 commented Oct 9, 2024

  • Introduce P12 and PEM environment variables in Dockerfiles
  • Generate P12 and PEM files in bootstrapper.sh
  • Update ownership and permissions for new files
  • Modify renewer Dockerfile to use new environment variables
  • Add renewerexec.sh script to handle renewal with new formats

Name of feature:

Introduce P12 and PEM environment variables, certificate generation, and renewal handling in Dockerfiles and scripts.

Pain or issue this feature alleviates:

This feature automates the management of P12 and PEM certificate formats in Dockerized environments, ensuring proper handling of SSL/TLS certificates. It simplifies certificate renewal and integration into the containerized application for prisma.io (requires p12 certificate for postgresql), pem certificate for mongodb

Why is this important to the project (if not answered above):

Becouse we are using prisma.io and payloadcms with SSL database connections.

Is there documentation on how to use this feature? If so, where?

Example for mongodb: tls=true&tlsCertificateKeyFile=/var/run/autocert.step.sm/site.pem&tlsCAFile=/var/run/autocert.step.sm/root.crt&authSource=$external&authMechanism=MONGODB-X509"
Example for prisma + postgesql: sslmode=require&sslcert=/var/run/autocert.step.sm/root.crt&sslidentity=/var/run/autocert.step.sm/site.p12

In what environments or workflows is this feature supported?

This feature is supported in any Docker-based environments where certificates need to be generated and renewed, particularly in secure production, staging, and development environments.

In what environments or workflows is this feature explicitly NOT supported (if any)?

N/A

Supporting links/other PRs/issues:

N/A

@slavb18
Add support for P12 and PEM formats in bootstrapper and renewer
cde06ea 
- Introduce P12 and PEM environment variables in Dockerfiles
- Generate P12 and PEM files in bootstrapper.sh
- Update ownership and permissions for new files
- Modify renewer Dockerfile to use new environment variables
- Add renewerexec.sh script to handle renewal with new formats
@CLAassistant
Copy link

CLAassistant commented Oct 9, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

@github-actions github-actions bot added the needs triage Waiting for discussion / prioritization by team label Oct 9, 2024
@dopey dopey requested a review from maraino October 15, 2024 17:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maraino maraino Awaiting requested review from maraino

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

needs triage Waiting for discussion / prioritization by team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@slavb18 @CLAassistant