-
Notifications
You must be signed in to change notification settings - Fork 931
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Request: nebula-cert via script #939
Comments
Hi @TheBinaryLoop - Sometimes
Could you share a bit more about your use case? As far as programmatic access goes, today we typically recommend importing nebula directly as a Go dependency. |
For my specific use-case, I need to compile and run the nebula-cert binary in an encapsulated wasm environment where no fs is available. I need to go though the complete setup process (generating CA, signing certs) without ever touching the file-system (Security related). I know this sound special, but I think it would be a good addition to be able to use nebula-cert only to the console. |
@TheBinaryLoop This does sound like a rather specialized use case. It's a bit awkward for a few reasons, including the fact that some of these commands accept multiple file inputs, as well as text on stdin (i.e. encryption passphrase for the CA), output multiple files, and there are some security implications raised by inputting private keys on the command line. Since you need to compile nebula-cert for this environment anyway, have you considered writing a wrapper Golang program around the nebula library that does what you need? |
I had a similar use case where I wanted to work fully in memory with certificates. |
Hi all, is it possible to change the nebula-cert binary to be completely scriptable without the need for filesystem? So print the ca to stdout (for example json formated) after creation and so on?
The text was updated successfully, but these errors were encountered: