Add ADCS Plugin Configuration to Docs

Add configuration options based on https://github.com/Netflix/lemur/pull/2255#issue-240136873
2019-07-10 12:10:47 -04:00 · 2019-07-10 12:10:47 -04:00 · 66bff57c04
parent 41c781318c
commit 66bff57c04
1 changed files with 57 additions and 17 deletions
--- a/docs/administration.rst
+++ b/docs/administration.rst
@ -593,8 +593,60 @@ If you are not using a metric provider you do not need to configure any of these
 Plugin Specific Options
 -----------------------

+Active Directory Certificate Services Plugin
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+
+.. data:: ADCS_SERVER
+    :noindex:
+
+        FQDN of your ADCS Server
+
+
+.. data:: ADCS_AUTH_METHOD
+    :noindex:
+
+        The chosen authentication method. Either ‘basic’ (the default), ‘ntlm’ or ‘cert’ (SSL client certificate). The next 2 variables are interpreted differently for different methods.
+
+
+.. data:: ADCS_USER
+    :noindex:
+
+        The username (basic) or the path to the public cert (cert) of the user accessing PKI
+
+
+.. data:: ADCS_PWD
+    :noindex:
+
+        The passwd (basic) or the path to the private key (cert) of the user accessing PKI
+
+
+.. data:: ADCS_TEMPLATE
+    :noindex:
+
+        Template to be used for certificate issuing. Usually display name w/o spaces
+
+
+.. data:: ADCS_START
+    :noindex:
+
+.. data:: ADCS_STOP
+    :noindex:
+
+.. data:: ADCS_ISSUING
+    :noindex:
+
+        Contains the issuing cert of the CA
+
+
+.. data:: ADCS_ROOT
+    :noindex:
+
+        Contains the root cert of the CA
+
+
 Verisign Issuer Plugin
-^^^^^^^^^^^^^^^^^^^^^^
+~~~~~~~~~~~~~~~~~~~~~~

 Authorities will each have their own configuration options. There is currently just one plugin bundled with Lemur,
 Verisign/Symantec. Additional plugins may define additional options. Refer to the plugin's own documentation
@ -642,7 +694,7 @@ for those plugins.


 Digicert Issuer Plugin
-^^^^^^^^^^^^^^^^^^^^^^
+~~~~~~~~~~~~~~~~~~~~~~

 The following configuration properties are required to use the Digicert issuer plugin.

@ -690,7 +742,7 @@ The following configuration properties are required to use the Digicert issuer p


 CFSSL Issuer Plugin
-^^^^^^^^^^^^^^^^^^^
+~~~~~~~~~~~~~~~~~~~

 The following configuration properties are required to use the CFSSL issuer plugin.

@ -716,7 +768,7 @@ The following configuration properties are required to use the CFSSL issuer plug


 Hashicorp Vault Source/Destination Plugin
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Lemur can import and export certificate data to and from a Hashicorp Vault secrets store. Lemur can connect to a different Vault service per source/destination.

@ -738,7 +790,7 @@ Vault Destination supports a regex filter to prevent certificates with SAN that


 AWS Source/Destination Plugin
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 In order for Lemur to manage its own account and other accounts we must ensure it has the correct AWS permissions.

@ -1086,18 +1138,6 @@ progress and the API is not frozen.

 Lemur includes several plugins by default. Including extensive support for AWS, VeriSign/Symantec.

-Active Directory Certificate Services
--------
-
-:Authors:
-    sirferl
-:Type:
-    Issuer
-:Description:
-    Enables the creation of certificates by ADCS (Active Directory Certificate Services)
-:Links:
-    https://github.com/sirferl/lemur
-
 Verisign/Symantec
 -----------------