-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Load client certificate from hardware security device with Pkcs11 protocol #31536
Comments
After digging into the otel code, I now think an extension is not the right path - that is more for modifying telemetry streams I guess. |
This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping |
This issue has been closed as inactive because it has been stale for 120 days with no activity. |
Component(s)
No response
Is your feature request related to a problem? Please describe.
We want to run an otel collector on an edge device. It should collect telemetry from applications running on that edge device, and forward them to another otel collector on a central server.
The applications on the edge device keep client certificates for mtls in a TPM chip. We would like to also use the TPM to secure the connection from the local collector to the central collector.
Is that possible as is? Or would it be possible to develop an extension that uses Pkcs11 to use a certificate in the TPM?
Thank you!
Describe the solution you'd like
An extension for using Pkcs11 to establish mtls connection for otlp exporter
Describe alternatives you've considered
Establish a tls tunnel with the Pkcs11 certificates
Additional context
No response
The text was updated successfully, but these errors were encountered: