[caasp-beta] CaasP v4 Question

Roger Klorese roger.klorese at suse.com
Wed Aug 28 13:07:29 MDT 2019 

We were already planning on support of external certs for 4.x - it was planned for 4.0 but got cut on the time-vs-resources balancing act. So adding Let's Encrypt/Certbot capability to it is a great enhancement, especially given kubeadm's certificate-handling capabilities.

Roger B.A. Klorese (they/them or he/him)
Senior Product Manager
SUSE
255 King St Suite 800
Seattle WA 98104
(P)+1 206.217.7432
(M)+1 425.444.5493
roger.klorese at suse.com
Schedule a meeting: https://doodle.com/RogerKlorese
GPG Key: D567 F186 A6AE D244 067E  95E4 E67D 019F 0670 D9CC

________________________________
From: Donaldson, Ian <Ian.Donaldson at NGIC.COM>
Sent: Wednesday, August 28, 2019 11:02 AM
To: caasp-beta at lists.suse.com <caasp-beta at lists.suse.com>; Cameron Seader <CSeader at suse.com>
Cc: Roger Klorese <roger.klorese at suse.com>
Subject: RE: CaasP v4 Question


Right, no hard dependency on Certbot, that’s just what came to mind.



I think this would be a really big win.


I can already hear end users complaining about the existing cert warnings in their browsers for things like gangway/dex.





Thanks,





Ian Donaldson

Unix Systems Administrator

Office: 336-435-3983

ian.donaldson at NGIC.com

[cid:image001.png at 01CF32FA.7C387000]







From: Cameron Seader <CSeader at suse.com>
Sent: Wednesday, August 28, 2019 1:56 PM
To: Donaldson, Ian <Ian.Donaldson at NGIC.COM>; caasp-beta at lists.suse.com
Subject: Re: CaasP v4 Question



WARNING:

This Message came from an external source. Please exercise caution when opening any attachments or clicking on links.

________________________________

That's a great idea. We have solutions written for other things. I can take a look at a solution there. It may not be Certbot though.



--

Cameron Seader

Technology Strategist

SUSE

cs at suse.com<mailto:cs at suse.com>

(M)208-420-2167



www.susecon.com<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.susecon.com&d=DwQF-g&c=eX9KRkvDm-KpLMQpCehyR8jZgBp9CE2JNMo9X4BhLFU&r=XL_zjqroomktb1qzCDuhym3JVbyITBCYnbJ2SbM3PwA&m=Y1eq4SD0jX6LWhd6lLW3Rn8_eSCxhvMvQ6PCrJAzRLU&s=jRZvj7e_SxMjySPQxSlpruxpavq_F2HszPH9cOMO7xc&e=>

________________________________

From: caasp-beta <caasp-beta-bounces at lists.suse.com<mailto:caasp-beta-bounces at lists.suse.com>> on behalf of Donaldson, Ian <Ian.Donaldson at NGIC.COM<mailto:Ian.Donaldson at NGIC.COM>>
Sent: Wednesday, August 28, 2019 11:52 AM
To: caasp-beta at lists.suse.com<mailto:caasp-beta at lists.suse.com> <caasp-beta at lists.suse.com<mailto:caasp-beta at lists.suse.com>>
Subject: [caasp-beta] CaasP v4 Question



Is there  any chance SUSE could ship Certbot/Let’s Encrypt w/CaaS v4 so things like Gangway/Dex out of the box look secure in an end user’s browser (green lockbox) ?





Thanks,





Ian Donaldson

Unix Systems Administrator

Office: 336-435-3983

ian.donaldson at NGIC.com<mailto:ian.donaldson at NGIC.com>

[cid:image001.png at 01CF32FA.7C387000]




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.suse.com/pipermail/caasp-beta/attachments/20190828/0a36aa6f/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 2857 bytes
Desc: image001.png
URL: <http://lists.suse.com/pipermail/caasp-beta/attachments/20190828/0a36aa6f/attachment.png>

More information about the caasp-beta mailing list