bmcweb and certificate chains [WAS: Security working group meeting 2020-01-22]
Alexander Tereschenko
aleksandr.v.tereschenko at linux.intel.com
Wed Jan 29 05:24:54 AEDT 2020
On 27-Jan-20 17:03, Joseph Reynolds wrote:
> Thank you for finding that. I think we want to add a function to
> BMCWeb to be able to handle certificate chains. Would we need to
> enhance the REST APIs [4] to upload server certificates as part of
> this work?
>
> [4]:
> https://github.com/openbmc/phosphor-dbus-interfaces/tree/master/xyz/openbmc_project/Certs
>
Yes, I think that'd be required, otherwise the only way the BMC admin
could provide that cert chain file would be via SSH, which of course
will not work for everyone.
More information about the openbmc
mailing list