Skip to content

ishustava/rotato

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
dockerfiles/rotato
dockerfiles/rotato
 
 
pipelines
pipelines
 
 
rotation
rotation
 
 
tasks/rotate
tasks/rotate
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

Rotato

A tool for CA and certificate rotation for Cloud Foundry

3-step CA Rotation

  1. Generate new CA, configure all components to trust both old and new CAs and redeploy
  2. Generate certificates signed by the new CA
  3. Configure everything to only trust the new CA and redeploy

Installation

rotato uses go modules to manages dependencies and requires go v1.11. To install, run these commands from the root project directory

cd rotation
go build -o rotato

Usage

Usage:
  rotation [OPTIONS] [add-new-cas | regenerate-certs | remove-old-cas]

Help Options:
  -h, --help  Show this help message

Available commands:
  add-new-cas       Regenerate new CAs and make them available to the next BOSH deploy
  regenerate-certs  Regenerate new certificates
  remove-old-cas    Remove Old CAs

Each command requires CredHub credentials. In case you are using bbl to create your BOSH director, eval "$(eval bbl print-env)" will set all necessary credentials.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

5 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages