-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Merged by Bors] - Format conversion (including PKCS#12 support) #286
Conversation
This comment was marked as outdated.
This comment was marked as outdated.
The client side of stackabletech/secret-operator#286
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome!
What did come to my mind is: What passwords are used to encrypt(?) trust and keystore? |
An empty string, which most clients seem to accept as if it was unencrypted. I don't see how moving to a (meaningfully) encrypted keystore would improve things, all it would do is move the goalpost from protecting the keystore to protecting the key. That's helpful when you want to help humans transfer the key over an untrusted medium (such as email or chat). Less so when we have no such constraints. |
I would agree, could we please document the passphrase (in the docs)? |
I was already expanding on that.. 5d1ee58 :P |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have discussed and agreed on an empty string as passphrase. Many thanks!
bors r+ |
## Description The client side of stackabletech/secret-operator#286 Co-authored-by: Natalie Klestrup Röijezon <teo.roijezon@stackable.de> Co-authored-by: Natalie <teo@nullable.se>
Pull request successfully merged into main. Build succeeded! The publicly hosted instance of bors-ng is deprecated and will go away soon. If you want to self-host your own instance, instructions are here. If you want to switch to GitHub's built-in merge queue, visit their help page. |
* Let secret-operator handle PKCS#12 conversion Requires stackabletech/secret-operator#286 * Changelog * Fix warnings * Updated op-rs * Update operator-rs patch --------- Co-authored-by: Razvan-Daniel Mihai <84674+razvan@users.noreply.github.com>
Description
Fixes #130
Definition of Done Checklist
Author
Reviewer
Acceptance
Once the review is done, comment
bors r+
(orbors merge
) to merge. Further information