doc/content/design/trusted-certificates.md
Lines changed: 10 additions & 3 deletions
@@ -73,30 +73,37 @@ This is an existing API to install a trusted certificate into the pool with its
73
73
Prior to this design, the API's name parameter represents the certificate file name as persisted on the dom0 file system.
74
74
In this design, this API will be deprecated because it exposes implementation details that should remain internal and hidden from users.
75
75
The new "pool.install_trusted_certificate" should be used instead.
76
+
For the same reason, "pool.uninstall_ca_certificate" will also be deprecated.
76
77
77
78
### pool.install_trusted_certificate
78
79
This is a new API introduced in this design with its arguments being defined as:
79
80
* session (ref session_id): reference to a valid session;
80
81
* self (ref Pool): reference to the pool;
81
-
*kind (string): the kind of the certificate; it can be either "ca" or "peer";
82
+
*ca (boolean): the trusted certificate is a root CA certificate used to verify a chain (true), or a peer certificate used for certificate pinning (false);
82
83
* cert (string): the trusted certificate in PEM format;
83
84
* purpose (string list): the purposes of the trusted certificate.
84
85
85
86
This new API is used to install trusted certificate.
86
-
The value of *kind* can be "ca", which stands for root CA certificate, or "peer" which stands for peer certificate.
87
87
When *purpose* is an empty set, it stands for a root CA certificate for general purpose.
88
-
The *purpose* can not be an empty set when the *kind* is "peer", because each peer certificate is specific to a single server and therefore unsuitable for a shared trusted certificate for general purpose.
88
+
The *purpose* can not be an empty set when the *ca* is false, because each peer certificate is specific to a single server and therefore unsuitable for a shared trusted certificate for general purpose.
89
+
90
+
It returns *void* when succeed. Otherwise, return corresponding API error.
89
91
90
92
### pool.uninstall_certificate
91
93
This is a new API introduced in this design to uninstall a trusted certificate with its arguments being defined as:
92
94
* session (ref session_id): reference to a valid session;
93
95
* certificate (ref Certificate): reference to the trusted certificate;
94
96
* force (bool): remove the database entry even if the file doesn't exist.
95
97
98
+
It returns *void* when succeed. Otherwise, return corresponding API error.
99
+
96
100
### pool.join
97
101
Prior to this design, trusted certificates are exchanged between the pool and the joining host during the pre‑join phase.
98
102
This design preserves that behavior to ensure the joiner works correctly both before and after joining the pool.
99
103
104
+
### pool.eject
105
+
The trusted certificates will be removed from any host which is being eject from the pool.
106
+
100
107
### Other APIs of managing trusted certificates
101
108
The install/uninstall APIs above are not the only ways of managing the trusted certificates.
102
109
A particular API, e.g. "pool.set_wlb_url", may also install the trusted certificate used to validate the WLB server on subsequent TLS connections.
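Review bot: The return sentence added under pool.install_trusted_certificate ("It returns *void* when succeed. Otherwise, return corresponding API error.") does not name the error a caller gets for the one invalid combination this section defines, *ca* false with an empty *purpose*. Please name that error so clients can handle it, and say whether the call is rejected before the certificate is persisted. The identical sentence added under pool.uninstall_certificate leaves the same gap for the case *force* exists to cover (database entry present, file missing). Smaller points: the new argument is typed "ca (boolean)" while pool.uninstall_certificate uses "force (bool)", so one spelling should be used throughout; "when succeed" should read "on success"; and in the new pool.eject paragraph "being eject" should be "being ejected", and the paragraph should state whether both CA and peer certificates are removed from the ejected host.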