-
Feature Request
-
Resolution: Unresolved
-
Normal
-
None
-
2.4, 2.5
-
False
-
-
False
- What is the nature and description of the request?
Cu is installing/renewing the AAP custom certs used forĀ Controller GUI, PAH GUI and postgresql ssl certs.
Cu wants to use the ssl certs and keys which also has a passphrase for its private key. - Why does the customer need this? (List the business requirements here)
For security reasons, it decreases the risk of leaking the private key file.
Locking the private key file. - How would you like to achieve this? (List the functional requirements here)
By allowing the SSL certs with passphrase
By adding an extra variable in the inventory similar to below:
1. FOR CONTROLLER UI
# Certificate and key to install in nginx for the web UI and API
web_server_ssl_cert=/tmp/custom_certs/AAP_example.cert
web_server_ssl_key=/tmp/custom_certs/AAP_example.key
web_server_ssl_key_passphrase=''
2. FOR AUTOMATION_HUB UI
# Certificate and key to install in Automation Hub node automationhub_ssl_cert=/tmp/custom_certs/AH_example.cert automationhub_ssl_key=/tmp/custom_certs/AH_example.key automationhub_ssl_key_passphrase=''
3. FOR POSTGRES
# Server-side SSL settings for PostgreSQL (when we are installing it).
postgres_use_ssl=False/True
postgres_ssl_cert=/tmp/custom_certs/PG_example.cert
postgres_ssl_key=/tmp/custom_certs/PG_example.key
postgres_ssl_key_passphrase=''
- List any affected known dependencies: Doc, UI etc.
N/a - Github Link if any
N/a
- duplicates
-
AAPRFE-1762 Using custom SSL certs that has passphrase
-
- Closed
-