Skip to content
This repository has been archived by the owner on Dec 21, 2019. It is now read-only.

Support SAN certificates #21

Closed
tazjin opened this issue Sep 25, 2016 · 0 comments
Closed

Support SAN certificates #21

tazjin opened this issue Sep 25, 2016 · 0 comments
Assignees
@tazjin
Labels
enhancement help wanted
Milestone
v1.3

Comments

@tazjin
Copy link
Owner

tazjin commented Sep 25, 2016

First idea:

Let users put JSON arrays into annotations, e.g.:

acme/certificate: '["tazj.in", "www.tazj.in"]'

Once #2 is fixed this should be a separate field in the resource!

Implementation wise:

  1. Challenge handling has to be split out & done for each domain with the same Authorization.
  2. We can probably do 1 in a parallelStream()

Q:

  1. Certificate naming becomes unclear! This ties into Re-evaluate naming of secrets #17
@tazjin tazjin mentioned this issue Sep 25, 2016
Closed
@tazjin tazjin modified the milestone: v1.3 Sep 25, 2016
This was referenced Sep 25, 2016
Closed
Closed
@tazjin tazjin self-assigned this Sep 25, 2016
@tazjin tazjin mentioned this issue Sep 25, 2016
Closed
tazjin added a commit that referenced this issue Sep 25, 2016
@tazjin
feat acme: Add support for SAN certificates
5dccaa3 
Add support for requesting a certificate for multiple domains at the
same time (SAN certificate).

This is implemented via some additional syntax for the current request
annotation on k8s services.

If a service is a JSON array (checked by comparing the first character
to '[') it is decoded into a list of domains.

If multiple domains are specified the `acme/secretName` annotation MUST
be set to specify the name of the resulting secret.

Fixes #21
Fixes #22
Fixes #17
@tazjin tazjin mentioned this issue Sep 25, 2016
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@tazjin tazjin

Labels
enhancement help wanted
Projects
None yet
Milestone
v1.3
Development

No branches or pull requests
1 participant
@tazjin