Comments (5)
This is really interesting --- I'd never really considered the use case where certmgr was a library.
To address the points:
- Easy enough. The only thing I really worry about it is dependencies disappearing from Github, but the risk is low because only the prometheus library and cobra/viper packages are the external dependencies.
- This should also be relatively straightforward.
- This could be done by having a different function to return an initialised manager.
letting them pass in configuration via function parameters.
What does that look like?
from certmgr.
Could you just migrate to dep for 1?
from certmgr.
@cbroglie Indeed.
from certmgr.
@andrewplunk One thing that occurs to me, have you tried using the CFSSL transport
package? certmgr is essentially a UI on top of this, so it might be useful, too.
from certmgr.
letting them pass in configuration via function parameters.
What does that look like?
I would like my clients to provide my library with the CA label and auth key required to provision certs from the transport. I would then configure certmgr with my own svcmgr.Manager implementation to handle reloading the tls.GetClientCertificate/tls.GetCertificate's caches as necessary.
@andrewplunk One thing that occurs to me, have you tried using the CFSSL transport package? certmgr is essentially a UI on top of this, so it might be useful, too.
You're totally right I could build this on top of the CFSSL transport package. I will do so if you don't think that certmgr makes sense as a library.
from certmgr.
Related Issues (20)
- incorrect version for latest 3.0.3 release HOT 1
- Any way to dump certificate bundle? HOT 2
- docs: building and readme outdated HOT 2
- spec as yaml broken HOT 2
- Build fails on riscv64 FreeBSD
- Cut a new release
- "Lookup requires cgo" error when testing the README specs example HOT 3
- cert: no CA file provided, won't write to disk HOT 3
- Make certmgr only look for *.json, *.yaml or *.yml files in certmgr.d dir
- If a CA is renewed call svc manager restart/reload.
- SwissSign certificate filenames contain ':' character HOT 1
- Certmgr should verify that a preexisting cert matches the spec provided HOT 4
- Certmgr should provide the ability to block startup until all certificates have been created HOT 2
- certmgr ensure doesn't regenerate key if algorithm or size changes HOT 2
- support self-signed certificates HOT 1
- Support on Windows HOT 2
- Incompatibility with cfssl/csr HOT 2
- Feature: Homebrew Install for macOS
- CI builds are broken after go modules
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from certmgr.