@@ -658,36 +658,43 @@ controlplane:
658658
659659 # # Configuration for keyless signing using one of the supported providers
660660 # # @param controlplane.keylessSigning.enabled Activates or deactivates the feature
661- # # @param controlplane.keylessSigning.backend The backend to use. Currently only "fileCA" and "ejbcaCA" are supported
662- # # @param controlplane.keylessSigning.fileCA.cert The PEM-encoded certificate of the file based CA
661+ # # @param controlplane.keylessSigning.backends[0].issuer Whether this backend should be used to issue new certificates. Only one can be set at a time.
662+ # # @param controlplane.keylessSigning.backends[0].type backend type. Only "fileCA" and "ejbcaCA" are supported
663+ # # @param controlplane.keylessSigning.backends[0].fileCA.cert The PEM-encoded certificate of the file based CA
663664 # # -----BEGIN CERTIFICATE-----
664665 # # ...
665666 # # -----END CERTIFICATE-----
666- # # @param controlplane.keylessSigning.fileCA.key The PEM-encoded private key of the file based CA
667+ # # @param controlplane.keylessSigning.backends[0]. fileCA.key The PEM-encoded private key of the file based CA
667668 # # -----BEGIN RSA PRIVATE KEY-----
668669 # # ...
669670 # # -----END RSA PRIVATE KEY-----
670- # # @param controlplane.keylessSigning.fileCA.keyPass The secret key pass
671- # # @param controlplane.keylessSigning.ejbcaCA.serverURL The url of the EJBCA service ("https://host/ejbca")
672- # # @param controlplane.keylessSigning.ejbcaCA.clientKey PEM-encoded the private key for EJBCA cert authentication
673- # # @param controlplane.keylessSigning.ejbcaCA.clientCert PEM-encoded certificate for EJBCA cert authentication
674- # # @param controlplane.keylessSigning.ejbcaCA.certProfileName Name of the certificate profile to use in EJBCA
675- # # @param controlplane.keylessSigning.ejbcaCA.endEntityProfileName Name of the Entity Profile to use in EJBCA
676- # # @param controlplane.keylessSigning.ejbcaCA.caName Name of the CA issuer to use in EJBCA
671+ # # @param controlplane.keylessSigning.backends[0].fileCA.keyPass The secret key pass
672+ # # @param controlplane.keylessSigning.backends[1].type backend type. Only "fileCA" and "ejbcaCA" are supported
673+ # # @param controlplane.keylessSigning.backends[1].ejbcaCA.serverURL The url of the EJBCA service ("https://host/ejbca")
674+ # # @param controlplane.keylessSigning.backends[1].ejbcaCA.clientKey PEM-encoded the private key for EJBCA cert authentication
675+ # # @param controlplane.keylessSigning.backends[1].ejbcaCA.clientCert PEM-encoded certificate for EJBCA cert authentication
676+ # # @param controlplane.keylessSigning.backends[1].ejbcaCA.caCert PEM-encoded certificate of the root CA
677+ # # @param controlplane.keylessSigning.backends[1].ejbcaCA.certProfileName Name of the certificate profile to use in EJBCA
678+ # # @param controlplane.keylessSigning.backends[1].ejbcaCA.endEntityProfileName Name of the Entity Profile to use in EJBCA
679+ # # @param controlplane.keylessSigning.backends[1].ejbcaCA.caName Name of the CA issuer to use in EJBCA
677680 keylessSigning :
678681 enabled : false
679- backend : fileCA
680- fileCA :
681- cert : " "
682- key : " "
683- keyPass : " "
684- ejbcaCA :
685- serverURL : " "
686- clientKey : " "
687- clientCert : " "
688- certProfileName : " "
689- endEntityProfileName : " "
690- caName : " "
682+ backends :
683+ - type : fileCA
684+ fileCA :
685+ cert : " "
686+ key : " "
687+ keyPass : " foo"
688+ issuer : true
689+ - type : ejbcaCA
690+ ejbcaCA :
691+ serverURL : " "
692+ clientKey : " "
693+ clientCert : " "
694+ caCert : " "
695+ certProfileName : " "
696+ endEntityProfileName : " "
697+ caName : " "
691698
692699 # # Inject custom CA certificates to the controlplane container
693700 # # @param controlplane.customCAs List of custom CA certificates content
0 commit comments