Boulder - Third-Party CA Certs (PKCS#11 or otherwise)

Hello again.

Another question I had in mind is, does Boulder also support Third-Party CA certs? For example I have a PKCS#11 and I want to introduce it to the SoftHSM and have Boulder sign requests with that certificate, instead of the key-pair/certificate issued at first container creation.

And another thing. Suppose I deploy Docker Images to an isolated environment. When I want to conduct a software update, do I have to reintroduce the keys every time? Or do I have an alternate solution, like storing them on a seperate Boulder Image, and have another container whose Boulder Image is the one I will be “updating” regularly on the net.

Thank you for your time.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.