Poppy

SSL Certificate Provisioning via Barbican

Registered by Tony Tan

A user should be able to request a certificate to be provisioned with the provider they are using. The certificate should then be related to the domain(s) they are using in a service.

With Akamai, this will require provisioning a certificate using Akamai API's.
With Other providers such as MaxCDN and Cloudfront, this will require provisioning certificates using Barbican and uploading it to the provider. The Barbican integration can come later.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Low
Drafter:
Tony Tan
Direction:
Approved
Assignee:
Tony Tan
Definition:
New
Series goal:
None
Implementation:
Deferred
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/ssl-certificates,n,z

Addressed by: https://review.openstack.org/209648
    ssl-create-cert-endpoing Implements blueprint: ssl-certificates Implements blueprint: akamai-ssl-driver

Addressed by: https://review.openstack.org/204732
    Notification driver implementation Implements blueprint: notification-driver

Gerrit topic: https://review.openstack.org/#q,topic:associate-domain-to-cert,n,z

Addressed by: https://review.openstack.org/224920
    ssl-cert-provision endpoint.This allows user to create a certificate with akamai driver. Should be letting user assoicate a certificate with a domain. Implements blueprint: ssl-certificates Implements blueprint: akamai-ssl-driver

Addressed by: https://review.openstack.org/224921
    ssl-cert-provision endpoint.This allows user to create a certificate with akamai driver. Should be letting user assoicate a certificate with a domain. Implements blueprint: ssl-certificates Implements blueprint: akamai-ssl-driver

Addressed by: https://review.openstack.org/224950
    ssl-cert-provision endpoint.This allows user to create a certificate with akamai driver. Should be letting user assoicate a certificate with a domain. Implements blueprint: ssl-certificates Implements blueprint: akamai-ssl-driver

Addressed by: https://review.openstack.org/224955
    Associate an ssl-cert to a service domain bind a created a cert(or mod_san_cert) to a service domain Implements blueprint: ssl-certificates Implements blueprint: akamai-ssl-driver

Addressed by: https://review.openstack.org/224246
    Implement: Add on domain level certificate status To implement ssl certification automation we need to add domain level certificate status. Right now the certificate status only applies to ssl domains

Gerrit topic: https://review.openstack.org/#q,topic:akamai-papi-scripts,n,z

Gerrit topic: https://review.openstack.org/#q,topic:delete-cert-endpoint,n,z

Gerrit topic: https://review.openstack.org/#q,topic:cert_info-by_domain,n,z

Addressed by: https://review.openstack.org/232148
    feat: GET certificate endpoint

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.