Skip to content

Browser client cert documentation #391

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tashian merged 14 commits into from
Apr 9, 2025
Merged

Browser client cert documentation #391

tashian merged 14 commits into from
Apr 9, 2025

Conversation

@tashian
Copy link
Contributor

@tashian tashian commented Mar 17, 2025
edited
Loading

  • Need new instructions for setting up the Browser resource
  • Key protection for Linux browsers needs to be set to None for the Browser account.
  • Is the agent required? Yes, for now.
  • Should we add step-agent-plugin doctor instructions for troubleshooting?

for macOS

  • Review FIrefox & Chrome instructions
  • Clarify what the agent does with regard to Keychain identity preferences?

for Linux

  • Add Firefox details

for Windows

  • add Chrome & Edge

Not relevant anymore

  • Which root CA should clients trust? The Accounts CA? Why not the workloads CA?
  • Yee's doc instructs the user to check the agent log to find the path to the root CA certificate, then to add the root to the trust store using step certificate install. What's a simpler and more reliable way to find the path to the CA certificate?
  • Would be nice to have a solution for testing the client cert that doesn't require adding CA trust — can we use a Let's Encrypt endpoint for this?

@tashian tashian requested a review from a team as a code owner March 17, 2025 23:22
@tashian tashian changed the title Browser client cert docs for macOS Browser client cert documentation Mar 17, 2025
@tashian tashian enabled auto-merge April 9, 2025 16:26
@tashian tashian requested a review from joshdrake April 9, 2025 16:26
@tashian tashian merged commit 52d1d09 into main Apr 9, 2025
1 check passed
@tashian tashian deleted the carl/browser-mtls branch April 9, 2025 22:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joshdrake joshdrake joshdrake approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tashian @joshdrake