bmcweb and certificate chains [WAS: Security working group meeting 2020-01-22]

Alexander Tereschenko aleksandr.v.tereschenko at linux.intel.com
Wed Jan 29 05:24:54 AEDT 2020


On 27-Jan-20 17:03, Joseph Reynolds wrote:
> Thank you for finding that.  I think we want to add a function to 
> BMCWeb to be able to handle certificate chains.  Would we need to 
> enhance the REST APIs [4] to upload server certificates as part of 
> this work?
>
> [4]: 
> https://github.com/openbmc/phosphor-dbus-interfaces/tree/master/xyz/openbmc_project/Certs
>
Yes, I think that'd be required, otherwise the only way the BMC admin 
could provide that cert chain file would be via SSH, which of course 
will not work for everyone.


More information about the openbmc mailing list