This repository has been archived by the owner on Oct 6, 2019. It is now read-only.
Feature request: TLS Certificate Auth Method #242
Labels
Comments
|
Without loading the private key, it's impossible to communicate properly with Vault and retrieve a token. The only way to do this would be to require the end user to upload both the public and private key. This is programatically possible using go's TLS package, but this feature would require a lot of testing and proper integration tests, which I currently don't have the time for. I'll leave this issue open in case anyone wants to try implementing it, but the likelihood of this being implemented is fairly low. |
Caiyeon
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
It would be fantastic if Goldfish could "proxy" the TLS auth backend and request a client-side certificate from the browser, using it to receive a token from Vault. As Vault is still lacking support for generic OAuth endpoints this would at least support one commonly used "enterprise login" method.
The text was updated successfully, but these errors were encountered: