cfssl-self-signed: Add cfssl as per #584 (!134) · Merge requests · GitLab.org / Build / CNG

Jason Plum requested to merge 584-add-cfssl-for-self-signed into master Aug 10, 2018

Add cfssl-self-signed container to resolve #584

Replace all functionality of omgwtfssl using CFSSL (https://github.com/cloudflare/cfssl). Includes scripts/generate-certificates, which will generate a self-signed CA, and a self-signed wildcard certificate, eligible for domain.tld and *.domain.tld.

Notes:

Built on top of Alpine:3.8, which is the current :latest, but locked to the version to prevent suprises.
Includes binaries from https://pkg.cfssl.org/ instead of building.
Exposes ability to configure
- key algorithm, size
- expiry
- CA Subject, Org, Org Unit
- Cert Subject, Domain
Exports the CA in PEM form, so can be stored and passed to other components.

Closes #584

cfssl-self-signed: Add cfssl as per #584

Merge request reports