Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve key_regeneration.py #641

Closed
yuriyz opened this issue Feb 14, 2020 · 2 comments
Closed

Improve key_regeneration.py #641

yuriyz opened this issue Feb 14, 2020 · 2 comments
Assignees
@devrimyatar
Labels
enhancement Update to existing feature or functionality
Milestone
4.2

Comments

@yuriyz
Copy link
Contributor

yuriyz commented Feb 14, 2020
edited
Loading

We should improve key_regeneration.py and recommend to use it instead of performing manual step. It should exclude human factor (typo, mistake) as well as give more information what is going on during re-generation.

  1. Extend configuration
  • expiration -> in days
  • expiration_hours -> hours
  1. Add logging which should help to understand when it was run and how many times. We should log:
  • generation configuration
  • old keys and new keys
  • catch all error during re-generation and log them.
  1. backporting

I've scheduled this improvement for 4.2 but our goal is to support all versions for which we got support tickets. If it doesn't mean huge effort of course. 4.0, 4.1 and 4.2 is must as for me. 3.1.6 and later is nice to have.

@mzico @aliaksander-samuseu can you say for which versions currently we got most of the support tickets related to key re-generation ?
@yuriyz yuriyz added the enhancement Update to existing feature or functionality label Feb 14, 2020
@yuriyz yuriyz added this to the 4.2 milestone Feb 14, 2020
@yuriyz yuriyz mentioned this issue Feb 14, 2020
Open
@mzico
Copy link
Contributor

mzico commented Feb 14, 2020

@yuriyz : looks good to me. One opinion:

  • As we are running script, may be script can 'backup' old key ( jks + json ) and ldif section as well.

can you say for which versions currently we got most of the support tickets related to key re-generation ?

3.6, 3.7 and 4.0.

devrimyatar added a commit that referenced this issue Feb 14, 2020
@devrimyatar
add logging to key_renegerator.py (ref: #641)
196237e
devrimyatar added a commit that referenced this issue Feb 14, 2020
@devrimyatar
add expiration duration (ref: #641)
6379605
devrimyatar added a commit that referenced this issue Apr 10, 2020
@devrimyatar
add arguments -expiration_hours and -expiration to key renegeration s…
feac7b2 
…cript (ref: #641)
@devrimyatar
Copy link
Collaborator

Implemented. Closing for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@devrimyatar devrimyatar

Labels
enhancement Update to existing feature or functionality
Projects
None yet
Milestone
4.2
Development

No branches or pull requests
3 participants
@yuriyz @devrimyatar @mzico