CDF certificate should be improved to have long term valid certificate

Idea ID 1765776

CDF certificate should be improved to have long term valid certificate

Recently, certificate expiry risk has been detected to all CDF based on K8S's certificate management.

ex.) https://softwaresupport.softwaregrp.com/doc/KM03350900 is one of support documentation for SMA CDF.

The customer has to renew the CDF certificate according to online help for each CDF version.

However, the renewal procedure generates a 1-year valid certificate again.
Customer will be required annual renewal task.
It is very troublesome and unfriendly for our customer even if it's the default behavior of bundled K8S.

So, our all CDF should be improved to generate long term certificate (maybe also CA cert of K8S) by easy step (or installation).

 

3 Comments
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor
Status changed to: Declined

Current Security and Trust office policy dictates that certificate cannot be issued longer than 1 year

Valued Contributor.. Valued Contributor..
Valued Contributor..

Shouldn't the certificate renewal process be automated anyway as well as have a short renewal cycle? As it stands certificate revocation list are broken.

Super Contributor.. Super Contributor..
Super Contributor..

Please improve the mf document for CA certificate update, renew as compare to non container product certificate section docker documents need to improve and add more information for update CA certificate.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.