Comment 5 for bug 1776643

Dmitrii Shcherbakov (dmitriis) wrote :

John,

Unsubscribed already, as it was pointed out that this functionality was not formally released yet, although it was mentioned vaguely in release notes and all relevant charms except one support this.

As for reasoning, there are two completely separate workflows:

1) asking for an intermediate CA and using vault;
2) using charm options.

One could argue that mixing the two would be possible, or just using 2 and treating option 1 as non-existent, which would make it Field-High.

Normally it takes several deployment attempts to get a working cloud, as occasional misconfigs (networking, charm options, etc.) need to be sorted out, but what we have to ask in advance from a customer is either a set of per-service certificates and keys or a signed intermediate CA certificate based on a CSR we generate. With very tight timelines, choosing option 1 and then changing your mind to use option 2 shifts project timelines to an extent where it becomes a critical issue. Understanding that option 1 is not fully there yet allowed us to make a decision to go with option 2 and remove the "critical" status.