Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cli: add option to also write client key in PKCS#8 format. #29008

Merged
merged 1 commit into from Aug 26, 2018
Merged

cli: add option to also write client key in PKCS#8 format. #29008

merged 1 commit into from Aug 26, 2018

Conversation

mberhault
Copy link
Contributor

This is useful for java which does not understand PKCS#1 in PEM format.
This does not change the format of the client.<username>.key file but
writes an additional file named client.<username>.key.pk8.

Removed openssl command to convert key to PKCS#8 in java acceptance
test.

Release note (cli change): add option to write client key in PKCS#8
format.

@mberhault mberhault requested a review from a team as a code owner August 23, 2018 15:31
@cockroach-teamcity
Copy link
Member

This change is Reviewable

@mberhault mberhault force-pushed the marc/add_option_to_write_pkcs8_key branch from 20f13ed to 12b83c7 Compare August 23, 2018 15:37
cli: add option to also write client key in PKCS#8 format.
768d0dc 
This is useful for java which does not understand PKCS#1 in PEM format.
This does not change the format of the `client.<username>.key` file but
writes an additional file named `client.<username>.key.pk8`.

Removed `openssl` command to convert key to PKCS#8 in java acceptance
test.

Release note (cli change): add option to write client key in PKCS#8
format.
@mberhault mberhault force-pushed the marc/add_option_to_write_pkcs8_key branch from 12b83c7 to 768d0dc Compare August 23, 2018 15:38
@mberhault
Copy link
Contributor Author

Also checked that the PKCS#8 key is accepted by DBeaver:

dbeaver_connection

@mberhault mberhault requested a review from knz August 26, 2018 16:48
knz
knz approved these changes Aug 26, 2018
View reviewed changes
Copy link
Contributor

@knz knz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm_strong: thank you!!!!!

Reviewed 8 of 8 files at r1.
Reviewable status: :shipit: complete! 1 of 0 LGTMs obtained

@knz knz added this to To do in DB Server & Security via automation Aug 26, 2018
@knz knz added the docs-todo label Aug 26, 2018
@mberhault
Copy link
Contributor Author

bors r+

craig bot pushed a commit that referenced this pull request Aug 26, 2018
Merge #29008
228d3e0 
29008: cli: add option to also write client key in PKCS#8 format. r=mberhault a=mberhault

This is useful for java which does not understand PKCS#1 in PEM format.
This does not change the format of the `client.<username>.key` file but
writes an additional file named `client.<username>.key.pk8`.

Removed `openssl` command to convert key to PKCS#8 in java acceptance
test.

Release note (cli change): add option to write client key in PKCS#8
format.

Co-authored-by: marc <marc@cockroachlabs.com>
@craig
Copy link
Contributor

craig bot commented Aug 26, 2018

Build succeeded

@craig craig bot merged commit 768d0dc into cockroachdb:master Aug 26, 2018
DB Server & Security automation moved this from To do to Done Aug 26, 2018
@mberhault mberhault deleted the marc/add_option_to_write_pkcs8_key branch August 27, 2018 10:10
@knz
Copy link
Contributor

knz commented Sep 4, 2018

@mberhault for docs we'll want this in 2.1 too. Can you issue the backport pr?

@mberhault
Copy link
Contributor Author

This is not a bug fix and the openssl method for converting key formats is documented all over the internet and our 2.1 docs. If they don't read the docs, they won't find the optional flag anyway. This will be in 2.2.

@jseldess jseldess mentioned this pull request Nov 19, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knz knz knz approved these changes

Assignees
No one assigned
Labels
docs-todo
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mberhault @cockroach-teamcity @knz