author mo khan <mo@mokhan.ca> 2022-03-29 12:48:50 -0600
committer mo khan <mo@mokhan.ca> 2022-03-29 12:48:50 -0600
commit 4e3aca15328df5678c8f510ad803bd554a53af30
tree 07fd581b1d874eea30bd8206a8c4ed18f41c3500
parent 13f0cd7382f97d68b66583185c85b8566199c06f
add notes on HCP PKI
-rw-r--r-- doc/authz/README.md 46
1 files changed, 46 insertions, 0 deletions
diff --git a/doc/authz/README.md b/doc/authz/README.md
index 058d139..4951d68 100644
--- a/doc/authz/README.md
+++ b/doc/authz/README.md
@@ -152,6 +152,52 @@ Bindings:
}
```
+
+Hashicorp (PKI)
+
+```plaintext
+ --------------------
+ | Let's Encrypt CA |
+ --------------------
+ |
+ | issues
+ ----------------------
+ | Let's Encrypt Cert |
+ ----------------------
+
+ ?
+
+
+ ---------------------
+ | HashiCorp Root CA |
+ ---------------------
+ |
+ | signs
+ |
+ ---v---------------------------------------------
+ | HashiCorp Primary Intermediate CA (HC 101 CA) |
+ -------------------------------------------------
+ |
+ ---v--------------------
+ | Vault: Data-Plane CA |
+ ------------------------
+ | signs
+ |----------------------------------------
+ | |
+ ---v--------------------------- -------v----------------------------
+ | Role: RoleConsulServerCerts | | Role: RoleHostManagerServerCerts |
+ ------------------------------- ------------------------------------
+ | issues
+ |-----------------------------------
+ | |
+ ---v----------------- ---v------------------
+ | consul server | | host manager |
+ | server.crt/key.pem| | server.crt/key.pem |
+ --------------------- ----------------------
+```
+
+
+
Questions:
1. What happens when the authz server goes down?
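Review bot: The bare "?" between the "Let's Encrypt Cert" box and the "HashiCorp Root CA" box leaves the relationship between the two chains undefined, so a reader cannot tell from this diagram which root the consul server and host manager certificates are expected to chain to. Either draw the relationship (or state that there is none), or move it into the "Questions:" list that follows as an explicit open item. Smaller points in the same hunk: the edge from the Primary Intermediate CA down to "Vault: Data-Plane CA" has no label while the other edges are marked "signs" or "issues"; the title "Hashicorp (PKI)" is plain text rather than a heading and is spelled differently from "HashiCorp" inside the boxes; and the three blank lines added before "Questions:" can be reduced to one.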