Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Install Wizard Advanced Certificate setup, list, and validate page #67

Open
jp669844 opened this issue Oct 25, 2023 · 2 comments
Open

Install Wizard Advanced Certificate setup, list, and validate page #67

jp669844 opened this issue Oct 25, 2023 · 2 comments
Assignees
@skurnevich
Labels
Epic
Milestone
ZEN 1.0.0

Comments

@jp669844
Copy link

jp669844 commented Oct 25, 2023
edited
Loading

There are 5 scenarios (outlined here: docs.zowe.org, or zowe.yaml).
At least one of them shall be implemented as screens in ZEN 1.0.0 - need a decision on what is the most common scenario so far.

  • ask for all relevant variables and paths, and validate them.
  • add a link to the documentation
  • store JCL (if used) to allow replay
@jp669844 jp669844 added this to the ZEN 1.0.0 milestone Oct 25, 2023
@jp669844 jp669844 changed the title Implement basic certificate setup screen Implement TLS certificates setup screen Oct 25, 2023
@jp669844 jp669844 mentioned this issue Oct 25, 2023
Closed
@1000TurquoisePogs
Copy link
Member

Could we write a program that runs under the STC user which does in order:

  • tries to list the contents of the keyring the user provided
  • sees if the contents contains the key they specified
  • if it has the key, read it to see if the EKU section is correct

if it fails at any step, that step roughly tells us what is wrong.

this would imply that zwe init security has run beforehand, otherwise the STC user may not exist.

often, zowe needs to connect with zosmf, so the CAs need to be good for that.
could we write a program that tries to reach zosmf using the truststore the user provided, and check what kind of failure we get?

@1000TurquoisePogs
Copy link
Member

the api-layer repo already has a java tool that i hope can do some or all of this: https://github.com/zowe/api-layer/tree/v2.x.x/certificate-analyser

@1000TurquoisePogs 1000TurquoisePogs changed the title Implement TLS certificates setup screen Install Wizard Advanced Certificate setup, list, and validate page Jul 11, 2024
@skurnevich skurnevich self-assigned this Oct 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@skurnevich skurnevich

Labels
Epic
Projects
WebUI planning board
Status: Backlog
Milestone
ZEN 1.0.0
Development

No branches or pull requests
3 participants
@1000TurquoisePogs @jp669844 @skurnevich