Bring-your-own-key (BYOK) for encryption-in-transit
As an operator, I can provide the public key certificate and corresponding private key for all TLS endpoints that handle my data.
Operator Inputs
- Chevron: This is mandatory for Chevron.
- Repsol: This is mandatory for Repsol.
- Equinor: We do have an internal PKI so we need to be able to configure trust between internal resources and the OSDU install. (Paco comment: this might require BYOK for certificates, it might not)
Definition of Done
- As an operator, I can load the TLS public key and private key certificate into OSDU
- When visiting all OSDU endpoints for all OSDU services, the presented TLS certificate is the one I loaded.