Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement: Use an X509 Certificate to gain credentials #10

Open
ferventcoder opened this issue Jun 4, 2011 · 2 comments
Open

Enhancement: Use an X509 Certificate to gain credentials #10

ferventcoder opened this issue Jun 4, 2011 · 2 comments

Comments

@ferventcoder
Copy link
Member

In the world of SOx, the less people that know a password the better.

I would like to be able to pass a thumbprint to a machine and it be able to return the credentials based on hashing some salt with the private key of a certificate.

For a particular environment, no one will have access to the private key except the deployment person. The deployment person will not know the password, only the security person who set it up based on the same ideas that dropkick will use to get the credentials.
@ferventcoder
Copy link
Member Author

This will also help reduce the number of keying errors by the deployment agent.

@ferventcoder
Copy link
Member Author

This means a different certificate per ENVIRONMENT.
It also means you can't accidentally run something in an environment it was not meant for since it won't install without the certificate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ferventcoder