#10275 fedora messaging stg certificate
Closed: Fixed with Explanation 2 years ago by kevin. Opened 2 years ago by lrossett.

Describe what you would like us to do:

I would like to have a fedora messaging certificate and key to send messages to fedora messaging but those messages are to be used for testing purposes during the development of a service.

Would it possible to request such access to fedora messaging in staging?

When do you need this to be done by? (YYYY/MM/DD)



Metadata Update from @mohanboddu:
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: low-gain, low-trouble, ops

2 years ago

Well, we name certificates by the app/service... I don't think we want to make 'generic' certs. ;(

What about user? You would need a user also, and we normally name these the same as the name of the cert.

I am working on a fedora-messaging operator but I need something to send messages to fedora-messaging and this access would be used for development purposes only.

Could we use "fedora-messaging-operator" as username or something like that?

Yeah, although we usually append .stg to the stg ones, is that ok?

so, 'fedora-messaging-operator.stg' ?

yeah, that's completely fine :)

ok, they should be in your homedir on batcave01. ;)

Let us know if you need anything more.

I went to ansible-private and used easy-rsa to make the certs:

cd ~/ansible-private/files/rabbitmq/staging/pki
usr/share/easy-rsa/3.0.8/easyrsa build-client-full fedora-messaging-operator.stg nopass
git add .
git commit -s -a -m 'add a staging operator testing cert for leo ( infra 10275)'
git push

and then copied the cert, key, ca to ~lrossett/

Metadata Update from @kevin:
- Issue close_status updated to: Fixed with Explanation
- Issue status updated to: Closed (was: Open)

2 years ago

Login to comment on this ticket.

Metadata
Boards 1
ops Status: Backlog