Hi Jesse,

I'd like to let you know that we have created a PKI ACME container that can be
deployed much more easily on Podman or OpenShift:

By default the container will generate a self-signed CA signing certificate and use
an ephemeral database, but you can configure it with a permanent certificate and
persistent database.

We've also set up a demo instance that you can try:

Just let me know if you have any questions. Thanks!

Endi S. Dewata

On Tue, Jun 2, 2020 at 8:35 AM Jesse L Van hill <jlvanhil@us.ibm.com> wrote:

Hi Endi -

Unfortunately, customer issues have kept me from pursuing this further. I or one of my team still intends on doing so. I will be sure to let you know when I have tested.

Jesse Van Hill
Websphere Identity Management Architect & Dev Lead
WebSphere Application Server & Open Liberty

507-513-6234 jlvanhil@us.ibm.com

Inactive hide details for Endi Sukma Dewata ---06/01/2020 10:42:43 PM-------- Original Message ----- > > Hi -Endi Sukma Dewata ---06/01/2020 10:42:43 PM-------- Original Message ----- > > Hi -

From: Endi Sukma Dewata <edewata@redhat.com>
To: Jesse L Van hill <jlvanhil@us.ibm.com>
Cc: pki-devel@redhat.com
Date: 06/01/2020 10:42 PM
Subject: [EXTERNAL] Re: [Pki-devel] ACME Support: Error issuing certificate

Hi Jesse,

I was just wondering if you managed to test against the ACME server.
FYI, we're working on adding an embedded CA into the ACME server so
it can be containerized more easily without dependency on a separate
CA. Hopefully we will have something usable by the end of the month.

Endi S. Dewata