-
Type: Task
-
Resolution: Duplicate
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Server Security
Instead of having separate CA vs CusterCA, we should have a single CA with role separation: e.g.: allow specifying limitations on which CA can be used for what purpose. Specifically, to pin X509 authorization to a specific roots only