Re: [DISCUSS][PROPOSAL] CA authority plugin definition

2017-04-14 Thread John Kinsella
I’d suggest taking a look at using Dogtag[1] as well. Actually, that’s what the Other Guys also suggest[2]. 1: http://pki.fedoraproject.org/wiki/PKI_Main_Page 2: https://wiki.openstack.org/wiki/PKI > On Apr

Re: [DISCUSS][PROPOSAL] CA authority plugin definition

2017-04-14 Thread Simon Weller
Yeah, I agree it would be better as a plugin. We feel a big thing missing in ACS right now is a KMS style service. From: Daan Hoogland Sent: Friday, April 14, 2017 10:05 AM To: dev@cloudstack.apache.org Subject: Re: [DISCUSS][PROPOSAL] CA authority plugin

Re: [DISCUSS][PROPOSAL] CA authority plugin definition

2017-04-14 Thread Daan Hoogland
Simon, I can think of use cases for that and it is an interesting topic. I can also see it as being implemented in a CA-plugin. I do not think it should be in the base of this framework though. That would complicate cloudstack for simple users to much I think. On the other hand, it would have mo

Re: [DISCUSS][PROPOSAL] CA authority plugin definition

2017-04-14 Thread Simon Weller
Daan, What about integrating some like Vault (https://github.com/hashicorp/vault)? - Si From: Daan Hoogland Sent: Friday, April 14, 2017 5:46 AM To: dev@cloudstack.apache.org Subject: [DISCUSS][PROPOSAL] CA authority plugin definition Devs, Following a discu