Page MenuHomeVyOS Platform

VyOS Certificates Manager
Closed, ResolvedPublicFEATURE REQUEST

Description

For a long time, we using easy-rsa scripts to deal with certificates for OpenVPN
now, we added (and continue adding) software and capabilities that require certificates in one way or other
that brings us to essential needs like

  • control system-wide trusted certificates, to be able to import new trusted CAs and/or standalone certificates to store
  • be able to create and manage CAs (certificate authorities) and issue certificates for server and client sides
  • view and check certificates before import, etc

After researching the available options, we come across smallstep which seems suitable for what we trying to achieve

see https://smallstep.com/docs/design-document/

This task is root task for future vyos certificate management

Details

Version
-
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Internal change (not visible to end users)

Event Timeline

sarthurdev changed the status of subtask T3642: PKI configuration from Open to In progress.Jun 29 2021, 12:37 PM
sarthurdev changed the status of subtask T3642: PKI configuration from In progress to Needs testing.Jul 22 2021, 3:49 PM
erkin set Issue type to Internal change (not visible to end users).Aug 29 2021, 1:27 PM
erkin removed a subscriber: Global Notifications.
dmbaturin claimed this task.
dmbaturin subscribed.

I suppose the current PKI CLI does fulfill the requirements of this task.