Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow users to manually trust the server certificate on infra login #1541

Closed
dnephin opened this issue Apr 8, 2022 · 1 comment · Fixed by #2177
Closed

Allow users to manually trust the server certificate on infra login #1541

dnephin opened this issue Apr 8, 2022 · 1 comment · Fixed by #2177
Assignees
@dnephin
Labels
area/cli Issue or PR related to the command-line interface. kind/improvement A report of a quality problem, or a change that addresses a quality problem.

Comments

@dnephin
Copy link
Contributor

dnephin commented Apr 8, 2022
edited
Loading

Is your feature request related to a problem? Please describe.

Current infra login requires --skip-tls-verify, or the user must accept the prompt for "The authenticity of the host can't be established.".

Similar to how ssh works when you connect to a new host, we should be able to prompt the user to trust the certificate used by the server.

Describe the solution you'd like

When the server starts we should print the certificate to the logs and/or to a file on the ephemeral filesystem. This will allow the admin to view the generated certificate using a kubectl command. I think we may already do this in some cases (~/.infra/cache/ seems to have certs).

In the CLI we would need to make 2 changes:

  1. When we get a x509.UnknownAuthorityError, print the details of the certificate (they are available as x509.UnknownAuthorityError.Certificate). Then prompt the user to see if they would like the trust the certificate. We can also suggest that they either ask their admin to confirm the details, or if they are an admin they can use kubectl exec ... to print the expected cert. Once trusted we can save the certificate to the local filesystem.
  2. When we construct the API client in the CLI we can use a tls.Config that populates the RootCAs from the certs saved on disk. That way future calls to the API will continue to trust the certificate that was previously trusted by that user.
@dnephin dnephin added area/cli Issue or PR related to the command-line interface. kind/improvement A report of a quality problem, or a change that addresses a quality problem. labels Apr 8, 2022
@jmorganca jmorganca changed the title cmd/login: allow users to manually trust the server certificate cli: allow users to manually trust the server certificate May 30, 2022
@jmorganca
Copy link
Contributor

Related: #296

@dnephin dnephin mentioned this issue May 30, 2022
Closed
3 tasks
@jmorganca jmorganca changed the title cli: allow users to manually trust the server certificate Allow users to manually trust the server certificate on infra login May 31, 2022
This was referenced Jun 2, 2022
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dnephin dnephin

Labels
area/cli Issue or PR related to the command-line interface. kind/improvement A report of a quality problem, or a change that addresses a quality problem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

cli: prompt to accept the server TLS certificate for manual verification infrahq/infra
2 participants
@jmorganca @dnephin