New Required cc_uploader Server Certs
CAPI has been continuing the work to secure internal traffic with CAPI VMs
. Next on the list of jobs that now need certs is CC-Uploader.
CC-Uploader's purpose is to manage blobstore upload requests from Diego,
mostly droplets and build artifacts. In an upcoming CAPI release (1.26.0),
the properties below will be required for the cc-uploader job. There is no
harm in filling in these properties now. * capi.cc_uploader.ca_cert *
capi.cc_uploader.server_cert * capi.cc_uploader.server_key If you're using
manifest generation from diego-release from the example AWS or bosh-lite
manifests, the certs should be generated automatically from upcoming PRs
Otherwise, please see the following doc for TLS generation:
Diego cert generation scripts have been updated include generation of the
new cc-uploader certs that you need. If you have any questions or hit any
speed bumps, please reach out to us on slack in the #capi channel .
Tim Hausler && Jen Spinney, CAPI team members