From 3a0bb30df9b2795b80b77985927a44de2bb6f1ae Mon Sep 17 00:00:00 2001 From: 3keyroman Date: Wed, 20 Nov 2024 14:54:09 +0100 Subject: [PATCH] Add CZERTAINLY Issuer integration - CZERTAINLY Issuer integration using `issuer-lib` --- content/docs/configuration/issuers.md | 51 +++++++++++++++------------ 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/content/docs/configuration/issuers.md b/content/docs/configuration/issuers.md index 458ef617c0..cede301e1e 100644 --- a/content/docs/configuration/issuers.md +++ b/content/docs/configuration/issuers.md @@ -7,35 +7,37 @@ The following list contains all known cert-manager issuer integrations.
-| Tier | Controller | Docs | Issuer | cert-manager
version used
in tutorial[^1] | Released within
12 months[^2] | Is Open Source | -|------|-----------------------------|-------------------------------------|------------------------------------------------------------------------|---------------------------------------------------|-------------------------------------|----------------| -| 🥇 | acme-issuer (in-tree) | [📄][config:acme-issuer] | [ACME][ca:acme] | [latest][production:acme-issuer] | [✔️][release:cert-manager] | ✔️ | -| 🥇 | venafi-enhanced-issuer | [📄][config:venafi-enhanced-issuer] | [Venafi TLS Protect][ca:venafi-enhanced-issuer] | [v1.12.1][production:venafi-enhanced-issuer] | [✔️][release:venafi-enhanced-issuer] | ❌ | -| 🥇 | origin-ca-issuer | [📄][config:origin-ca-issuer] | [Cloudflare Origin CA][ca:origin-ca-issuer] | [supported][production:origin-ca-issuer] | [✔️][release:origin-ca-issuer] | ✔️ | -| 🥈 | adcs-issuer | [📄][config:adcs-issuer] | [Microsoft Active Directory
Certificate Service][ca:adcs-issuer] | - | [✔️][release:adcs-issuer] | ✔️ | -| 🥈 | aws-privateca-issuer | [📄][config:aws-privateca-issuer] | [AWS Private Certificate Authority][ca:aws-privateca-issuer] | - | [✔️][release:aws-privateca-issuer] | ✔️ | -| 🥈 | ca-issuer (in-tree) | [📄][config:ca-issuer] | CA issuer | - | [✔️][release:cert-manager] | ✔️ | -| 🥈 | command-issuer | [📄][config:command-issuer] | [Keyfactor Command][ca:command-issuer] | - | [✔️][release:command-issuer] | ✔️ | -| 🥈 | cview-issuer | [📄][config:cview-issuer] | [CView-issuer][ca:cview-issuer] | - | [✔️][release:cview-issuer] | ❌ | -| 🥈 | ejbca-issuer | [📄][config:ejbca-issuer] | [EJBCA][ca:ejbca-issuer] | - | [✔️][release:ejbca-issuer] | ✔️ | -| 🥈 | google-cas-issuer | [📄][config:google-cas-issuer] | [Google Cloud Certificate
Authority Service][ca:google-cas-issuer] | - | [✔️][release:google-cas-issuer] | ✔️ | -| 🥈 | gs-atlas-issuer | [📄][config:gs-atlas-issuer] | [GlobalSign CA][ca:gs-atlas-issuer] | - | [✔️][release:gs-atlas-issuer] | ✔️ | -| 🥈 | horizon-issuer | [📄][config:horizon-issuer] | [EVERTRUST Horizon][ca:horizon-issuer] | - | [✔️][release:horizon-issuer] | ✔️ | -| 🥈 | ncm-issuer | [📄][config:ncm-issuer] | [Nokia Netguard Certificate Manager][ca:ncm-issuer] | - | [✔️][release:ncm-issuer] | ✔️ | -| 🥈 | selfsigned-issuer (in-tree) | [📄][config:selfsigned-issuer] | Self-Signed issuer | - | [✔️][release:cert-manager] | ✔️ | -| 🥈 | step-issuer | [📄][config:step-issuer] | [Certificate Authority server][ca:step-issuer] | - | [✔️][release:step-issuer] | ✔️ | -| 🥈 | vault-issuer (in-tree) | [📄][config:vault-issuer] | [HashiCorp Vault][ca:vault-issuer] | - | [✔️][release:cert-manager] | ✔️ | -| 🥈 | venafi-issuer (in-tree) | [📄][config:venafi-issuer] | [Venafi TLS Protect][ca:venafi-issuer] | - | [✔️][release:cert-manager] | ✔️ | -| 🥈 | cfssl-issuer | [📄][config:cfssl-issuer] | [CFSSL][ca:cfssl-issuer] | - | [✔️][release:cfssl-issuer] | ✔️ | -| 🥉 | tcs-issuer | [📄][config:tcs-issuer] | [Intel's SGX technology][ca:tcs-issuer] | - | [❌][release:tcs-issuer] | ✔️ | -| 🥉 | freeipa-issuer | [📄][config:freeipa-issuer] | [FreeIPA][ca:freeipa-issuer] | - | [❌][release:freeipa-issuer] | ✔️ | -| 🥉 | kms-issuer | [📄][config:kms-issuer] | [AWS KMS][ca:kms-issuer] | - | [❌][release:kms-issuer] | ✔️ | +| Tier | Controller | Docs | Issuer | cert-manager
version used
in tutorial[^1] | Released within
12 months[^2] | Is Open Source | +|------|-----------------------------|-------------------------------------|------------------------------------------------------------------------|---------------------------------------------------|--------------------------------------|----------------| +| 🥇 | acme-issuer (in-tree) | [📄][config:acme-issuer] | [ACME][ca:acme] | [latest][production:acme-issuer] | [✔️][release:cert-manager] | ✔️ | +| 🥇 | venafi-enhanced-issuer | [📄][config:venafi-enhanced-issuer] | [Venafi TLS Protect][ca:venafi-enhanced-issuer] | [v1.12.1][production:venafi-enhanced-issuer] | [✔️][release:venafi-enhanced-issuer] | ❌ | +| 🥇 | origin-ca-issuer | [📄][config:origin-ca-issuer] | [Cloudflare Origin CA][ca:origin-ca-issuer] | [supported][production:origin-ca-issuer] | [✔️][release:origin-ca-issuer] | ✔️ | +| 🥈 | adcs-issuer | [📄][config:adcs-issuer] | [Microsoft Active Directory
Certificate Service][ca:adcs-issuer] | - | [✔️][release:adcs-issuer] | ✔️ | +| 🥈 | aws-privateca-issuer | [📄][config:aws-privateca-issuer] | [AWS Private Certificate Authority][ca:aws-privateca-issuer] | - | [✔️][release:aws-privateca-issuer] | ✔️ | +| 🥈 | ca-issuer (in-tree) | [📄][config:ca-issuer] | CA issuer | - | [✔️][release:cert-manager] | ✔️ | +| 🥈 | czertainly-issuer | [📄][config:czertainly-issuer] | [CZERTAINLY][ca:czertainly-issuer] | [supported][production:czertainly-issuer] | [✔️][release:czertainly-issuer] | ✔️ | +| 🥈 | command-issuer | [📄][config:command-issuer] | [Keyfactor Command][ca:command-issuer] | - | [✔️][release:command-issuer] | ✔️ | +| 🥈 | cview-issuer | [📄][config:cview-issuer] | [CView-issuer][ca:cview-issuer] | - | [✔️][release:cview-issuer] | ❌ | +| 🥈 | ejbca-issuer | [📄][config:ejbca-issuer] | [EJBCA][ca:ejbca-issuer] | - | [✔️][release:ejbca-issuer] | ✔️ | +| 🥈 | google-cas-issuer | [📄][config:google-cas-issuer] | [Google Cloud Certificate
Authority Service][ca:google-cas-issuer] | - | [✔️][release:google-cas-issuer] | ✔️ | +| 🥈 | gs-atlas-issuer | [📄][config:gs-atlas-issuer] | [GlobalSign CA][ca:gs-atlas-issuer] | - | [✔️][release:gs-atlas-issuer] | ✔️ | +| 🥈 | horizon-issuer | [📄][config:horizon-issuer] | [EVERTRUST Horizon][ca:horizon-issuer] | - | [✔️][release:horizon-issuer] | ✔️ | +| 🥈 | ncm-issuer | [📄][config:ncm-issuer] | [Nokia Netguard Certificate Manager][ca:ncm-issuer] | - | [✔️][release:ncm-issuer] | ✔️ | +| 🥈 | selfsigned-issuer (in-tree) | [📄][config:selfsigned-issuer] | Self-Signed issuer | - | [✔️][release:cert-manager] | ✔️ | +| 🥈 | step-issuer | [📄][config:step-issuer] | [Certificate Authority server][ca:step-issuer] | - | [✔️][release:step-issuer] | ✔️ | +| 🥈 | vault-issuer (in-tree) | [📄][config:vault-issuer] | [HashiCorp Vault][ca:vault-issuer] | - | [✔️][release:cert-manager] | ✔️ | +| 🥈 | venafi-issuer (in-tree) | [📄][config:venafi-issuer] | [Venafi TLS Protect][ca:venafi-issuer] | - | [✔️][release:cert-manager] | ✔️ | +| 🥈 | cfssl-issuer | [📄][config:cfssl-issuer] | [CFSSL][ca:cfssl-issuer] | - | [✔️][release:cfssl-issuer] | ✔️ | +| 🥉 | tcs-issuer | [📄][config:tcs-issuer] | [Intel's SGX technology][ca:tcs-issuer] | - | [❌][release:tcs-issuer] | ✔️ | +| 🥉 | freeipa-issuer | [📄][config:freeipa-issuer] | [FreeIPA][ca:freeipa-issuer] | - | [❌][release:freeipa-issuer] | ✔️ | +| 🥉 | kms-issuer | [📄][config:kms-issuer] | [AWS KMS][ca:kms-issuer] | - | [❌][release:kms-issuer] | ✔️ |
[production:venafi-enhanced-issuer]: https://platform.jetstack.io/documentation/academy/issue-and-approve-certificates-with-venafi-control-plane [production:acme-issuer]: ../tutorials/getting-started-aks-letsencrypt/README.md [production:origin-ca-issuer]: https://github.com/cloudflare/origin-ca-issuer/blob/trunk/README.org +[production:czertainly-issuer]: https://docs.czertainly.com/docs/certificate-key/integration-guides/cert-manager-issuer/overview [//]: # (Configuration docs) @@ -60,6 +62,7 @@ The following list contains all known cert-manager issuer integrations. [config:adcs-issuer]: https://djkormo.github.io/adcs-issuer/ [config:cfssl-issuer]: https://gerrit.wikimedia.org/r/plugins/gitiles/operations/software/cfssl-issuer [config:cview-issuer]: https://secure-ly.github.io/cview-issuer-chart +[config:czertainly-issuer]: https://docs.czertainly.com/docs/certificate-key/integration-guides/cert-manager-issuer/create-czertainly-issuer [//]: # (CA docs) @@ -82,6 +85,7 @@ The following list contains all known cert-manager issuer integrations. [ca:kms-issuer]: https://aws.amazon.com/kms/ [ca:origin-ca-issuer]: https://developers.cloudflare.com/ssl/origin-configuration/origin-ca [ca:cview-issuer]: https://secure-ly.github.io/cview-issuer-chart +[ca:czertainly-issuer]: https://www.czertainly.com [//]: # (Release pages) @@ -102,6 +106,7 @@ The following list contains all known cert-manager issuer integrations. [release:adcs-issuer]: https://github.com/djkormo/adcs-issuer/releases [release:cfssl-issuer]: https://gerrit.wikimedia.org/r/plugins/gitiles/operations/software/cfssl-issuer/+refs [release:cview-issuer]: https://github.com/secure-ly/cview-issuer-chart/releases +[release:czertainly-issuer]: https://github.com/CZERTAINLY/CZERTAINLY-Cert-Manager-Issuer/releases - The issuers are sorted by their tier and then alphabetically. - "in-tree" issuers are issuers that are shipped with cert-manager itself.