This portal is to open public enhancement requests against IBM Cloud and its products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Allow CF app custom domains to consume certs/keys stored in the IBM Certificate Manager
The process for uploading certs/keys to a CF custom domain is supported by both the UI (under manage orgs/domains) and the BX CLI (bx app domain-cert-add ...). But that process is often the source of errors and requires that the consumer of the custom domain be given the cert/key files to upload (and some teams restrict access to these files).
I've tested the differences in behavior and error checking between the cert upload process for a CF domain (UI and CLI) and that same process for the IBM Certificate Manager. The IBM Certificate Manager does a few more checks on the cert/key data (preventing bad combos/expired certs).
If the process of identifying and storing cert/key data for CF custom domains (which the UI/CLI does today to push them into the DataPower devices that support the custom domain request) were to allow us to point at a cert/key entry in an IBM Certificate Manager service instance created for the account, then you could allow reuse of certs from a single source (for other consumers, such as container-based apps) and CF apps and maybe even APIc. This would also improve the client experience:
- a cert loaded is done; configuring custom domains becomes easier as you just point at the existing cert already loaded.
- the IBM Certificate Manager UI is better at the load/check process
- the IBM Certificate Manager UI natively shows more information about the cert (when it expires) without having to open each individual cert that has been loaded.
Do not place IBM confidential, company confidential, or personal information into any field.