Load client certificate from hardware security device with Pkcs11 protocol #31536
Labels
enhancement
New feature or request
needs triage
New item requiring triage
question
Further information is requested
Component(s)
No response
Is your feature request related to a problem? Please describe.
We want to run an otel collector on an edge device. It should collect telemetry from applications running on that edge device, and forward them to another otel collector on a central server.
The applications on the edge device keep client certificates for mtls in a TPM chip. We would like to also use the TPM to secure the connection from the local collector to the central collector.
Is that possible as is? Or would it be possible to develop an extension that uses Pkcs11 to use a certificate in the TPM?
Thank you!
Describe the solution you'd like
An extension for using Pkcs11 to establish mtls connection for otlp exporter
Describe alternatives you've considered
Establish a tls tunnel with the Pkcs11 certificates
Additional context
No response
The text was updated successfully, but these errors were encountered: