Comments (4)
I think we should eventually move towards a design where the main CA credentials don't have to be on beehive at all... The minimal, correct credentials should be transferred during server provisioning.
This also allows us to ensure that the CA private key is stored on a separate, secure system that's backed up automatically.
from beehive-server.
I'm having a hard time getting the waggleca tool to run correctly on my own machine. I'm able to generate certificates fine using: https://github.com/seanshahkarami/testca
I'll look at what's needed to make the waggleca tool more generally available outside of beehive.
from beehive-server.
from beehive-server.
I agree with keeping it off the deployed server. There are also designs where you have the root CA sign sub-CAs which could also do signing. But, I think there are other options for node credentials we may want to think about before putting in much time in rebuilding the CA chain. Maybe..?
from beehive-server.
Related Issues (20)
- Better error message and status codes from beehive-flask HOT 1
- Understand and prototype running core service in clustered mode
- Design and prototype provisioning of core piece of infrastructure HOT 4
- Ensure all important RabbitMQ exchanges and queues are defined as durable HOT 1
- Prototype static version of beehive dataset interface HOT 3
- Backup plan for RabbitMQ definitions HOT 1
- Document and review list of metrics + monitoring data in use
- Review ETL processes for sanitization, robustness and correctness HOT 1
- Schedule static dataset index regeneration HOT 1
- Survey "collaborator" beehive deployments
- Clean up Dockerfile and their locations HOT 1
- Start laying out critical Ansible playbooks for provisioning and managing servers
- Layout good places to start "virtual deployment seams" HOT 3
- Review reverse ssh tunnel process HOT 1
- Simplify container runtime management HOT 2
- Unify data model HOT 1
- Ensure update-node-users is enabled during install
- Ensure messages exchange is created during install
- 405 Method Not Allowed on beehive-registration server HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from beehive-server.