Uploaded image for project: 'SAFe Program'
  1. SAFe Program
  2. SP-4439

Publicly verifiable Certificate Authority for internally hosted services

Change Owns to Parent OfsSet start and due date...
    XporterXMLWordPrintable

Details

    • Services
    • Hide

      There are a number of internally hosted services that require TLS/mTLS encryption and verification.  The leading example is Elasticsearch, which is hosted in multiple locations and requires TLS and mTLS for internal transport layer and client HTTP.

      Currently, this is handled with a privately managed self-signed CA, but this is becoming increasingly problematic because it requires CaCert distribution to the increasing number of clients  - applications and users.

      This could be resolved with a delegated CA, that has been signed by publicly recognised CA, so that the certificate chain is already widely known/distributed.

      Show
      There are a number of internally hosted services that require TLS/mTLS encryption and verification.  The leading example is Elasticsearch, which is hosted in multiple locations and requires TLS and mTLS for internal transport layer and client HTTP. Currently, this is handled with a privately managed self-signed CA, but this is becoming increasingly problematic because it requires CaCert distribution to the increasing number of clients  - applications and users. This could be resolved with a delegated CA, that has been signed by publicly recognised CA, so that the certificate chain is already widely known/distributed.
    • Hide

      A delegated CA exists, signed by a publicly recognised CA, and is used by some SKAO services

      Show
      A delegated CA exists, signed by a publicly recognised CA, and is used by some SKAO services

    • PI24 - UNCOVERED

    • Team_IT

    Description

      Provide a delegated CA, that has been signed by publicly recognised CA, so that the certificate chain is already widely known/distributed.

      Attachments

        Structure

          Activity

            People

              r.schofield Schofield, Richard
              P.Harding Harding, Piers
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Feature Progress

                Story Point Burn-up: (0%)

                Feature Estimate: 0.0

                IssuesStory Points
                To Do00.0
                In Progress   00.0
                Complete00.0
                Total00.0

                Dates

                  Created:
                  Updated:

                  Structure Helper Panel