d2665a4936
The certificates should probably have been versioned because as it
stands it is a bit inconsistent. The default/legacy method of
requesting a certificate is to set cn and sans down the relation,
the server will respond with <unit name>.server.{server,key}. This
does not allow for multiple requests, so the new method to make
the request is to set `cert_requests` whose value is a json encoded
list of requests. The ca the responds by setting
<unit name>.processed_requests.
In addition to this the interface supports application and client
certificates. Client requests use the client_cert_requests key for
requests and <unit name>.processed_client_requests for responses.
Multiple requests for client certificates can be made.
Application certificates are a single certificate and key and the
same cert and key are shared across all units of an application.
The cert sans contains entries for all units. Only one application
certificate is supported. Application certificate requests use the
application_cert_requests key for requests and
<unit name>.processed_application_requests for the response.
8 lines
146 B
Plaintext
8 lines
146 B
Plaintext
# Lint and unit test requirements
|
|
flake8
|
|
stestr>=2.2.0
|
|
mock>=1.2
|
|
coverage>=3.6
|
|
cryptography
|
|
git+https://github.com/canonical/operator.git#egg=ops
|