[Feature]: Add options to add certificates to device/store
PVM-NL opened this issue · comments
NetBox version
v3.4.3
Feature type
Add a function
Proposed functionality
Add the option to add or create the (TLS) certificate to the device or store.
The certificate file types can be. pfx, pem,.crt,.cer, or.key.
As the store is to safeguard the username/password might be usefull to also add the (device) certificate.
Use case
Its adds the certificate who might be bind to the device to use.
If its a https server certificates these are bind to websites. Also with switches or use with WIFI sometimes the company certificates are added.
External dependencies
Dont know
This may either require a DB model change or we may have to extend the secrets model and create a new one for certificates. I'm going to hold on to this until more details can be fleshed out
Ok, well if it is possible i think this would makes the plugin complete.
As i compare the secrets plugin to for example azure keyvault but then you hold it inside and not in the cloud perhaps.
An integration with those providers is also nice like
https://github.com/nautobot/nautobot-plugin-secrets-providers
The secret provider will be out of scope for now as that requires alot of work and discussion to figure out the right way.
Just looking over the db models briefly, it makes the most sense to create a new one. However, in doing so the current secret model will most likely become an abstract class and 2 new models will inherit from it.
For the certificate model, I'm also thinking there should be 2 different fields namely certificate and key and when the data is added to these fields a validation is run to ensure the data is correct like key validation for the certificate.
The fields will have to be text fields to allow for bigger texts.
The key field will be encrypted where as the certificate will remain as plaintext
I'll try to tackle this issue on the coming weekend and evaluate what changes are needed to get this going
Take your time, which is better than do it in a hurry :)
After discussing this internally, we currently will not be implementing this into secret plugin. Perhaps this can be covered in a separate plugin which can be built on top of netbox-secrets.
After discussing this internally, we currently will not be implementing this into secret plugin. Perhaps this can be covered in a separate plugin which can be built on top of netbox-secrets.
Ah ok too bad, i was hoping it went on the roadmap. Really thought it was a nice addition to the plugin.
We are however thinking of providing multi-line fields which should take care of feature such as this to be covered using the existing implmentation.
@kprince28 Can you see if adding multiline fields for passwords is feasible? We however want to keep backwards compatibility with the change.