guardicore/monkey

Investigate using New-SelfSignedCertificate in windows deployment script

Open

Aperta il 22 feb 2021

Vedi su GitHub
 (3 commenti) (0 reazioni) (0 assegnatari)Python (6250 star) (752 fork)batch import
Beginner friendlyComplexity: MediumHelp wantedImpact: Low

Descrizione

The windows deployment scripts use OpenSSL to create self-signed certificates. We may be able to remove some complexity in the windows deployment scripts by using powershell's New-SelfSignedCertificate (https://medium.com/the-new-control-plane/generating-self-signed-certificates-on-windows-7812a600c2d8) instead of relying on openssl.

We need to investigate and ensure that openssl isn't needed for any other purpose before making this change.

Guida contributor

Tech stack
shell
Dominio
devops
Tipo issue
research
DifficoltàQuanto dovrebbe essere impegnativa per un nuovo contributor.
3
Tempo stimatoTempo stimato per completare e verificare uno scope piccolo.
1-3 hours
Stato attivitàQuanto è probabile che la issue sia ancora attiva e reviewable.
stale
ChiarezzaQuanto chiaramente la issue descrive problema, scope e risultato atteso.
clear
Prerequisiti
PowerShell basicsCertificate generation knowledgeDeployment script structure
Adatta ai principiantiQuanto la issue è adatta a contributor alla prima esperienza.
50
Direzione di ricerca
Investigate the Windows deployment scripts at deployment scripts/deploy windows.ps1 to determine if OpenSSL usage can be replaced with PowerShell's New SelfSignedCertificate. Check if OpenSSL is used elsewhere in the repository for other purposes. If replacement is feasible, ensure that the new approach works on all supported Windows versions.