Import CertificateChain from standard format #26
Comments
ecton
added a commit
to khonsulabs/bonsaidb
that referenced
this issue
Nov 10, 2021
In my original implementation, I had missed the CertificateChain type entirely. Now, the certificate chain is always stored, with the only complication being that if you want to use the pinned certificate, you must extract it from the chain first -- we can make this a little less verbose, I'm just not sure what direction I want to take it right now. The other change is that the cli command to install a certificate now accepts PEMs. This has been tested manually using a PEM generated from certbot, so hopefully #38 will be a breeze to hook up as well. Also want to mention khonsulabs/fabruic#26 here to show how easy the PEM conversion is. However, since there is additional validation able to be done, I suspect that the implementation in fabruic should be more extensive than what I've done here. For now, installing will work with an invalid certificate, but it will obviously fail to actually work (returning errors).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm trying to get a LetsEncrypt certificate working in BonsaiDb, and I'm stuck trying to convert
fullchain.peminto something that fabruic can accept.Right now, it seems like CertificateChain can only be serialized/deserialized through Serde, not through a format I can generate through openssl.
The text was updated successfully, but these errors were encountered: