Self Signed X.509 Certificates

  • Canonical Telco
Channel Revision Published Runs on
latest/stable 155 04 Jul 2024
Ubuntu 22.04
latest/candidate 155 04 Jul 2024
Ubuntu 22.04
latest/beta 228 20 Dec 2024
Ubuntu 22.04
latest/edge 228 19 Dec 2024
Ubuntu 22.04
latest/edge 227 19 Dec 2024
Ubuntu 22.04
juju deploy self-signed-certificates --channel edge
Show information

Learn to deploy on juju >

Platform:

Ubuntu
22.04

Learn about configurations >

  • ca-common-name | string

    Default: self-signed-certificates-operator

    Common name to be used by the Certificate Authority. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • ca-country-name | string

    Country name to be used by the Certificate Authority. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • ca-email-address | string

    Email address to be used by the Certificate Authority. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • ca-locality-name | string

    Locality name to be used by the Certificate Authority. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • ca-organization | string

    Organization name to be used by the Certificate Authority. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • ca-organizational-unit | string

    Organizational unit to be used by the Certificate Authority. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • ca-state-or-province-name | string

    State or province name to be used by the Certificate Authority. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • certificate-limit | int

    Default: 99

    Maximum number of certificates that can be issued to a single requirer. Use -1 for allowing an unlimited number of certificates.

  • certificate-validity | string

    Default: 90d

    Signed certificate validity. The given value must be followed by one of: "m" for minutes, "h" for hours, "d" for days and "w" for weeks. For example, "1m" for 1 minute, "10w" for 10 weeks. If no units are given, the unit will be assumed as days. Defaults to 90 days. This value should be equal to or shorter than half the root-ca-validity. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.

  • root-ca-validity | string

    Default: 365d

    RootCA certificate validity. The given value must be followed by one of: "m" for minutes, "h" for hours, "d" for days and "w" for weeks. For example, "1m" for 1 minute, "10w" for 10 weeks. If no units are given, the unit will be assumed as days. Defaults to 365 days. This value should be equal to or longer than twice the certificate-validity. Changing this value will trigger generation of a new CA certificate, revoking all previously issued certificates.