[Kea-users] Stork Agent authentication against Kea Control Agent

[Maria Hrabosova]

Hello,

Does anyone have an experience with using Stork Agent with different 
certificates than the self-signed ones that are generated during the 
agent registration? I need the Stork Agent to be able to authenticate 
against Kea Control Agent, that's why I cannot use the self-signed ones. 
Do you have any hints how should I proceed? Should I add the valid 
certificates to /var/lib/stork-agent/certs/ prior to starting the Stork 
Agent or should I replace the self-signed ones after the registration? 
If I replace them, will the Stork Agent still be able to authenticate 
against Stork Server?

This is all I found in the documentation regarding my use case: /"The 
Kea CA accepts only requests signed with a trusted certificate when the 
cert-required parameter is set to true in the Kea CA configuration file. 
In this case, the Stork Agent must use the valid certificates (it cannot 
use self-signed certificates as created during Stork Agent 
registration)." 
//[/https://stork.readthedocs.io/en/v0.22.0-fix/install.html#securing-connections-between-stork-agent-and-kea-control-agent]

Any hints would be more than welcome.

Best regards,

Maria

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20211217/a63c16af/attachment.htm>