-
Notifications
You must be signed in to change notification settings - Fork 624
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scalable hosting for ca.ipxe.org files #126
Comments
Added #127 to handle the related scalable hosting for OCSP. |
i ask packethost https://www.packet.com/community/open-source/ |
i have send packethost a friendly message, to ask about to support ipxe. |
@MaxPeal @mcb30 We at @packethost are interested in helping, I'll follow up on the email. |
|
qemu can make root ca certificates available to guests, via fw_cfg, and ipxe could use that. In that case managing the list of certificates would be the job of the host machine, Of course this would solve the problem for (qemu/kvm) virtual machines only, |
Description
As a sysadmin, I would like the cross-signed certificate files (see https://ipxe.org/cfg/crosscert) to be hosted on a highly available service, so that I do not have to worry about outages of the single machine currently hosting
ca.ipxe.org
.The cross-signed certificate files are just static files (with filenames constructed from a hash of the certificate subject name) and can be served from any infrastructure capable of serving static files via HTTP. The request from iPXE includes a query string encoding the raw subject name but this is only for debugging purposes and can be safely ignored.
Acceptance criteria
http://ca.ipxe.org/auto
base URIThe text was updated successfully, but these errors were encountered: