mirror of https://github.com/docker/docs.git
596200b888
The original implementation assumed that if you brought your own server cert, then users certs would be signed by the same CA, but this will make it quite challenging for large enterprises who would be forced to manage certs for users, or worse, buy them from the same external CA. Since the UCP controller already trusts multiple root, there's no reason we can't add another. Prior to this change the CA stored next to the server cert was the "full" trust chain including the root CAs. With this change, we flip that around and use the swarm cert CA for the controller. This is a tiny bit messy, because we have to be careful not to accidentally wind up with that CA on the cluster components other than the controller, so I've enhanced our integration tests to cover this case specifically and make sure we don't mistakenly open the system up. In doing so, I had to refine the integration test so all the servers were signed by the same CA (the prior code was sloppy and used a fresh CA for each HA node, which meant the bundles broke on the replica controllers.) In the future, we'll likely have intermediaries with differnet privileges/scopes, and may revisit the multiple root CA model, so this seems like a reasonable compromise to keep the code churn down for now. |
||
|---|---|---|
| images | ||
| manage | ||
| reference | ||
| Dockerfile | ||
| Makefile | ||
| deploy-application.md | ||
| evaluation-install.md | ||
| index.md | ||
| kv_store.md | ||
| networking.md | ||
| overview.md | ||
| plan-production-install.md | ||
| production-install.md | ||
| production-upgrade.md | ||
| release_notes.md | ||
| support.md | ||
| understand_ha.md | ||