Provisioning SSL/TLS within Openstack requires the generation of x509 certificates. This includes the generation and escrow of asymmetric key pairs, issuing signing requests to a certificate authority and retrieving the issued certificates. The Barbican Key Manager will provide capabilities to do all of those operations through its Orders interface.
In this presentation, we will share the current and future state of SSL/TLS provisioning in Barbican, Barbican clients, supported certificate authorities, and outstanding work and design decisions.
Come to this presentation if you are interested in using Barbican¹s SSL/TLS life-cycle management capabilities or would like more information on when you will be able to leverage this functionality in your OpenStack deployment. Questions this talk will answer:
- What is the current state of SSL/TLS provisioning in Barbican?
- How can I get an SSL/TLS server certificate from Barbican?
- What clients can I use?
- What CAs are supported?
- How do I get support for a specific certificate authority?
- What design decisions are being reviewed, and how do I learn more?
- If I have more questions, how do I reach out to the Barbican developers?
- How do I get involved?