Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[cluster-local-domain-tls] extend our Knative internal CA to sign cluster-local certificates #14216

Closed
2 tasks
ReToCode opened this issue Aug 3, 2023 · 1 comment
Closed
2 tasks

[cluster-local-domain-tls] extend our Knative internal CA to sign cluster-local certificates #14216

ReToCode opened this issue Aug 3, 2023 · 1 comment
Assignees
@ReToCode
Labels
kind/feature Well-understood/specified features, ready for coding. triage/accepted Issues which should be fixed (post-triage)

Comments

@ReToCode
Copy link
Member

ReToCode commented Aug 3, 2023

Context

Vision: #14213.

To build end-to-end encryption with cluster-local certificates, we agreed to extend the Knative internal CA to also sign cluster-local certificates, if no other Knative-Certificate implementation is present.

TODO

  • Create a new CA for cluster-local domains (to not mix with internal certificates)
  • Add a new reconciler for KnativeCertificate CR
@ReToCode ReToCode added kind/feature Well-understood/specified features, ready for coding. triage/accepted Issues which should be fixed (post-triage) labels Aug 3, 2023
This was referenced Aug 3, 2023
Closed
Open
@ReToCode ReToCode self-assigned this Aug 3, 2023
@ReToCode ReToCode moved this to In Progress in Serving Encryption Aug 3, 2023
@ReToCode ReToCode changed the title Extend our Knative internal CA to sign cluster-local certificates [cluster-local-domain-tls] extend our Knative internal CA to sign cluster-local certificates Sep 14, 2023
This was referenced Sep 14, 2023
Closed
Closed
Closed
Open
@ReToCode ReToCode mentioned this issue Nov 13, 2023
Merged
@ReToCode
Copy link
Member Author

This is no longer needed, as we are going to rely only on net-certmanager to provide the certificates.

@github-project-automation github-project-automation bot moved this from In Progress to Done in Serving Encryption Nov 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ReToCode ReToCode

Labels
kind/feature Well-understood/specified features, ready for coding. triage/accepted Issues which should be fixed (post-triage)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ReToCode