Allow setting CN and validity days on certificate generation #6
Conversation
|
In general this is great! Have you noticed an actual problem with the validity date? I recall using an expired certificate and it working on the ABM portal but can't remember clearly: I think the certificate is used purely as a vessel for the public key (for encryption) rather than any of its other attributes. 🤷 The only change I'd make is not requiring the parameters in the tools/shell script. They could be in the shell script - just not required parameters ($1 etc). I want to keep those as simple as possible for end users. The API docs (thanks!) specify the variables so for integrations that could work. Thanks again! |
|
Actually thinking about it again - if those params are omitted they'll just be blank as they're passed on. Perhaps then just the QuickStart docs can omit them :) |
Oh! I would expect any tooling to fail if a certificate is expired :) (And thus I thought it would be handy to allow people to configure more than one day to allow for more flexibility, e.g. the user generating the certificate might belong to different team than user uploading it to ABM.)
Good idea. I've set default arguments in the tools and amended the Let me know if that works. |
This allow setting a custom CN and validity days on
GET /v1/tokenpki/{name}. Such API was always using default values CN=depserver and days=1.See #5 (comment).