Support passing certificate PEM string to API Client #11722
Comments
|
@lawliet89 I don't feel against this. Feel free to take a shot at implementing this. I feel most of the effort will be in plumbing the PEM string till that point. Let us know how it goes! |
|
Sure. I'll take a look. I think we can leave it to the user of the API client to figure out how to plumb the |
|
Hi @lawliet89 - have you had any luck with this? If you need assistance, please feel free to ping back and we'll help you out! Thanks! |
|
Sorry, I've not had the time to implement this. If anyone wants to take it on, please feel free. I'll update if/when I implement something. |
|
Thanks, @lawliet89 - I'll also check with our product owners to see about potentially roadmapping this ourselves. I can't make any guarantees, so please do feel free to still take a shot at it if you wish! |
heatherezell
added
core/api
auth/cert
|
Hi @lawliet89, thank you for contributing this! I opened a PR #14753 which follows pretty closely to your description. Please let me know if that's what you had in mind. |
|
@averche looks great :) Thank you. |
|
I have merged the fix, thanks for contributing to HashiCorp! |
Is your feature request related to a problem? Please describe.
The API Client makes use of
go-rootcertsto configure TLS forHttpClient.go-rootcertssupports passing in a PEM encoded string.This is useful for API client usage such as in the Terraform Vault provider where the CA string might be passed from other data/resources.
Describe the solution you'd like
Add a new
CACertificate[]byteattribute toTLSConfigand pass that torootcerts.Config.Describe alternatives you've considered
Writing PEM string to a temporary file.
Explain any additional use-cases
If there are any use-cases that would help us understand the use/need/value please share them as they can help us decide on acceptance and prioritization.
Additional context
If this is acceptable, I can take a stab at implementing it.
The text was updated successfully, but these errors were encountered: