Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Garbage collect expired certificates in the cert chain #789

Open
tegefaulkes opened this issue Aug 16, 2024 · 3 comments
Open

Garbage collect expired certificates in the cert chain #789

tegefaulkes opened this issue Aug 16, 2024 · 3 comments
Labels
development Standard development

Comments

@tegefaulkes
Copy link
Contributor

Specification

Since certificates will expire after some time and self renew automatically. We need some logic in place to remove and old certificates that are expired. If a certificate is not relevant any more then there is no need to keep the certificate or provided it during the TLS verification.

To this end we need a background task that will periodically check for expired certificates and just remove them. The CertManager in the keys domain is the likely place to implement this.

Additional context

Related: ENG-390 #787

Tasks

  1. TBD
  2. ...
  3. ...
@tegefaulkes tegefaulkes added the development Standard development label Aug 16, 2024
@linear Linear
Copy link

linear bot commented Aug 16, 2024

ENG-393 Garbage collect expired certificates in the cert chain

@CMCDragonkai
Copy link
Member

Isn't this already a function?

@CMCDragonkai
Copy link
Member

I'm pretty sure gc functionality is in the system for certificates.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
development Standard development
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CMCDragonkai @tegefaulkes