TLS Certificates Interface
- Canonical Telco
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/edge | 130 | 12 Nov 2024 | |
| latest/edge | 19 | 10 Feb 2023 |
juju deploy tls-certificates-interface --channel edge
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
The TLS Certificates Interface
The whole idea behind the TLS Certificates interface is that charms can request TLS certificates to TLS providers without ever sharing their private key.
The TLS Certificates Requirer (through the use of the TLS Certificates Library) generates its private key and a Certificate Signing Request (CSR). This CSR is inserted into its unit (or application) relation data.
The TLS Certificates Provider reads this CSR, signs a certificate for it and inserts this certificate into its application relation data.
The TLS Certificates Requirer then reads the certificate, and typically stores it in a file on the workload.
