1.6 KiB
1.6 KiB
Public Key Infrastructure (PKI) Catalog
Configuration for certificate and keypair generation in the cluster.
The pegleg secrets generate certificates command will read
all PKICatalog documents and either find pre-existing
certificates/keys, or generate new ones based on the given
definition.
Dependencies
Pegleg's PKI Catalog depends on CloudFlare's PKI/TLS toolkit, which is installed as a part of Pegleg's Dockerfile.
Sample Document
Here is a sample document:
../../../site_yamls/site/pki-catalog.yaml
Certificate Authorities
The data in the certificate-authorities key is used to
generate certificates for each authority and node.
Each certificate authority requires essential host-specific information for each node.