Add support for P12 and PEM formats in bootstrapper and renewer #294
+18
−7
Name of feature:
Introduce P12 and PEM environment variables, certificate generation, and renewal handling in Dockerfiles and scripts.
Pain or issue this feature alleviates:
This feature automates the management of P12 and PEM certificate formats in Dockerized environments, ensuring proper handling of SSL/TLS certificates. It simplifies certificate renewal and integration into the containerized application for prisma.io (requires a P12 certificate for PostgreSQL) and a PEM certificate for MongoDB.
Why is this important to the project (if not answered above):
Because we are using prisma.io and payloadcms with SSL database connections.
Is there documentation on how to use this feature? If so, where?
Example for mongodb:
tls=true&tlsCertificateKeyFile=/var/run/autocert.step.sm/site.pem&tlsCAFile=/var/run/autocert.step.sm/root.crt&authSource=$external&authMechanism=MONGODB-X509
Example for prisma + postgresql:
sslmode=require&sslcert=/var/run/autocert.step.sm/root.crt&sslidentity=/var/run/autocert.step.sm/site.p12
In what environments or workflows is this feature supported?
This feature is supported in any Docker-based environments where certificates need to be generated and renewed, particularly in secure production, staging, and development environments.
In what environments or workflows is this feature explicitly NOT supported (if any)?
N/A
Supporting links/other PRs/issues:
N/A
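
How the two bundle formats named in this PR can be derived from a PEM certificate and key, as an added example that is not the PR's own code. The function names, the `site` friendly name, the password file and the use of `openssl` as the converter are assumptions.

```shell
#!/bin/sh
# Added example (not the PR's code): build site.pem and site.p12 from a PEM
# certificate and key, then verify the bundles against the certificate.

# make_pem_bundle CRT KEY OUT
# Combined PEM (certificate followed by private key) for tlsCertificateKeyFile.
make_pem_bundle() {
    crt=$1 key=$2 out=$3
    tmp="$out.tmp.$$"
    # umask 077: the bundle holds the private key, so only the owner may read it.
    ( umask 077 && cat "$crt" "$key" > "$tmp" ) || { rm -f "$tmp"; return 1; }
    # rename is atomic, so a client reloading during renewal never sees a partial file
    mv -f "$tmp" "$out"
}

# make_p12_bundle CRT KEY OUT PASSFILE
# PKCS#12 identity for sslidentity. The password comes from a file (assumed to
# be mounted as a secret) so it never appears on the command line.
make_p12_bundle() {
    crt=$1 key=$2 out=$3 passfile=$4
    tmp="$out.tmp.$$"
    ( umask 077 && openssl pkcs12 -export -in "$crt" -inkey "$key" -name site \
        -out "$tmp" -passout "file:$passfile" ) || { rm -f "$tmp"; return 1; }
    mv -f "$tmp" "$out"
}

# bundles_match_cert CRT PEM P12 PASSFILE
# Returns 0 only if the key inside PEM and the certificate inside P12 both
# correspond to CRT. Run after each renewal to catch a stale bundle.
bundles_match_cert() {
    crt=$1 pem=$2 p12=$3 passfile=$4
    want_pub=$(openssl x509 -in "$crt" -noout -pubkey) || return 1
    got_pub=$(openssl pkey -in "$pem" -pubout) || return 1
    want_fp=$(openssl x509 -in "$crt" -noout -fingerprint -sha256) || return 1
    got_fp=$(openssl pkcs12 -in "$p12" -passin "file:$passfile" -nokeys -clcerts \
        2>/dev/null | openssl x509 -noout -fingerprint -sha256) || return 1
    [ "$want_pub" = "$got_pub" ] && [ "$want_fp" = "$got_fp" ]
}
```
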