authorandreer <andreer@verizonmedia.com>2019-04-12 15:54:56 +0200
committerandreer <andreer@verizonmedia.com>2019-04-12 15:55:44 +0200
commit3e0a75f6e7c5fc5af04690343744bc6f61c56e29 (patch)
treeec313c3e177718db432f08da6280930d8336e7b6 /controller-api
parent96f84332c9fd0ef0d7da82b8ed3874498c871234 (diff)
WIP
Diffstat (limited to 'controller-api')
-rw-r--r--controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateManager.java20
-rw-r--r--controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java9
-rw-r--r--controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateReference.java16
3 files changed, 45 insertions, 0 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateManager.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateManager.java
new file mode 100644
index 00000000000..f7aca1bb32e
--- /dev/null
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateManager.java
@@ -0,0 +1,20 @@
+package com.yahoo.vespa.hosted.controller.api.integration.certificates;
+
+import com.yahoo.config.provision.ApplicationId;
+import com.yahoo.config.provision.Environment;
+
+import java.util.Collection;
+
+public interface CertificateManager {
+
+ /**
+ * Ensure a valid certificate is provisioned for an application instance in a given environment
+ *
+ * @param applicationId The application instance for which the certificate is to be provisioned
+ * @param environment The environment for which the certificate is to be provisioned
+ * @param endpointNames A collection of endpoint names for which the certificate must be valid
+ * @return A reference that allows retrieving the private key and certificate chain from the configured secret store
+ */
+ CertificateReference provisionTlsCertificate(ApplicationId applicationId, Environment environment, Collection<String> endpointNames);
+
+}
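Review bot: The Javadoc on `provisionTlsCertificate` does not say who verifies that every entry in `endpointNames` belongs to `applicationId`. Since these are the names the certificate must be valid for, that ownership check is the security-relevant part of the contract. I would add a sentence such as `Implementations must reject endpoint names that are not owned by the given application instance.` The Javadoc should also state what happens for an empty collection and how a failed provisioning is reported, since the signature declares no exception. It is also worth stating whether a second call with the same arguments reuses the existing certificate or issues a new one, because "Ensure" suggests idempotence but the text does not promise it.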
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java
new file mode 100644
index 00000000000..2503325760d
--- /dev/null
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java
@@ -0,0 +1,9 @@
+package com.yahoo.vespa.hosted.controller.api.integration.certificates;
+
+import java.security.KeyPair;
+import java.security.cert.X509Certificate;
+import java.util.List;
+
+public interface CertificateProvider {
+ List<X509Certificate> requestCaSignedCertificate(KeyPair keyPair, List<String> domains);
+}
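Review bot: `requestCaSignedCertificate` takes the whole `KeyPair`, so every provider implementation is handed the private key, although a CA only needs the public key and a request signed by the key owner. Consider passing an already signed PKCS#10 request, or the `PublicKey` plus a signing callback, so the private key stays with the caller; whether that fits depends on the implementations, which are not visible here. The method also has no Javadoc. It should state the order of the returned chain (for example leaf certificate first), whether `domains` may be empty, and how a refused or failed request is reported.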
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateReference.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateReference.java
new file mode 100644
index 00000000000..ea38da4f800
--- /dev/null
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateReference.java
@@ -0,0 +1,16 @@
+package com.yahoo.vespa.hosted.controller.api.integration.certificates;
+
+public class CertificateReference {
+ public CertificateReference(String secretStorePrivateKeyname, int secretStorePrivateKeyVersion, String secretStorePublicCertificateName, int secretStorePublicCertificateVersion) {
+ this.secretStorePrivateKeyname = secretStorePrivateKeyname;
+ this.secretStorePrivateKeyVersion = secretStorePrivateKeyVersion;
+ this.secretStorePublicCertificateName = secretStorePublicCertificateName;
+ this.secretStorePublicCertificateVersion = secretStorePublicCertificateVersion;
+ }
+
+ private String secretStorePrivateKeyname;
+ private int secretStorePrivateKeyVersion;
+
+ private String secretStorePublicCertificateName;
+ private int secretStorePublicCertificateVersion;
+}
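Review bot: The four fields of `CertificateReference` are private, non-final and have no accessors, so a caller that receives the reference from `provisionTlsCertificate` cannot read the secret names or versions it needs for the secret store lookup. Making the fields `final` and adding plain accessors fixes that and keeps the object immutable. The class should keep holding only names and versions, never key material. The spelling `secretStorePrivateKeyname` is also inconsistent with `secretStorePublicCertificateName` and is best corrected before the constructor signature is used elsewhere.

```java
public class CertificateReference {
    private final String secretStorePrivateKeyName;
    private final int secretStorePrivateKeyVersion;
    private final String secretStorePublicCertificateName;
    private final int secretStorePublicCertificateVersion;

    // … unchanged: constructor, apart from the secretStorePrivateKeyName spelling …

    public String secretStorePrivateKeyName() { return secretStorePrivateKeyName; }
    public int secretStorePrivateKeyVersion() { return secretStorePrivateKeyVersion; }
    public String secretStorePublicCertificateName() { return secretStorePublicCertificateName; }
    public int secretStorePublicCertificateVersion() { return secretStorePublicCertificateVersion; }
}
```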