Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow external certificates to be uploaded when hosted on Kubernetes #31

Open
rudivanhierden opened this issue Jun 30, 2021 · 0 comments
Open

Allow external certificates to be uploaded when hosted on Kubernetes #31

rudivanhierden opened this issue Jun 30, 2021 · 0 comments

Comments

@rudivanhierden
Copy link
Contributor

Currently, all sites receive certificates through LetsEncrypt by default (for the kubernetes version at least). In some cases it's preferable to use an external certificate, for instance issues by QuoVadis or Cloudflare.

It's not possible to upload such a certificate through the admin panel, and it now needs to be added to the kubernetes secrets manually. A good short-term situation would be:

  • A private key + certificate (including the correct chain) can be uploaded through the admin panel
  • The key gets checked through the x509 module (https://www.npmjs.com/package/x509), so invalid certificates can't be uploaded
  • The valid certificate gets saved as a secret and added to the site's ingress
  • The certificate's expiration date is saved so we can alert the admin before expiration
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rudivanhierden