1

Allow deletion of Certificate Managers permanently

  • Live

M
Inserve

So we don't have to bother Cyberfusion support when we change a vhost :)

A

Activity Newest / Oldest

Avatar

William Edwards

Status changed to: Live

Avatar

William Edwards

Restoring soft deleted certificate managers was added in Cluster API version 1.193.


Avatar

William Edwards

Reason that certificate managers are soft deleted and cannot be re-created:

Due to a risk with the Let's Encrypt security model, one customer should not be able to request a certificate manager with a common name that another customer requested and deleted.

To achieve this, we disallow re-creating certificate managers by soft deleting them.

The risk is mitigated if the certificate manager can be re-created only by the same customer that created the deleted certificate manager.


Avatar

William Edwards

Post moved to this board

Avatar

William Edwards

Status changed to: Under review