use an encrypted client certificate to connect to a docker daemon #31364
An encrypted client certificate can be used to connect to a docker daemon.
Signed-off-by: Arash Deshmeh firstname.lastname@example.org
- What I did
- How I did it
- How to verify it
- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)
Note: the reason for introducing the --tlsgetpass command option is to avoid breaking existing uses (e.g. without this option, a command with an incorrect private key will not fail, but will instead show a prompt for the passphrase). Some integration tests will also fail without this option (e.g. any test that passes an intentionally invalid key).
Mar 8, 2017
Thank you for the review. I will open the PR for go-connections.
Yes. You can do it in this PR.
Something I should bring to everyone's attention as a consideration before merging this PR. We're actually planning to deprecate the encrypted PEMs in notary in place of PKCS#8 in the very near future (next 6-8 weeks). We didn't realize at the time but encrypted PEMs use md5 for deriving keys from passwords and we want to ultimately no longer rely on md5 for anything in notary.
We'll necessarily have to keep legacy reading code for some time, but plan to remove any code that creates encrypted PEMs.
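The MD5 key derivation raised in the comment above, as an added example that is not code from this PR, docker or notary: legacy encrypted PEM derives the cipher key from a single unstretched pass of MD5 over the passphrase and the first 8 bytes of the IV in the `DEK-Info` header, and a key file can be classified by that header. The names `legacyPEMKey`, `classifyKey` and `constructedLegacyPEM`, the passphrase and the sample block are assumptions made for illustration.

```go
package main

import (
	"crypto/md5"
	"encoding/pem"
	"fmt"
)

// legacyPEMKey reproduces the legacy encrypted-PEM key derivation:
// D_i = MD5(D_{i-1} || password || salt), one pass, no iteration count.
func legacyPEMKey(password, salt []byte, keyLen int) []byte {
	var out, digest []byte
	for len(out) < keyLen {
		h := md5.New()
		h.Write(digest)
		h.Write(password)
		h.Write(salt)
		digest = h.Sum(nil)
		out = append(out, digest...)
	}
	return out[:keyLen]
}

// classifyKey reports how the first PEM block in data protects its key.
func classifyKey(data []byte) string {
	b, _ := pem.Decode(data)
	switch {
	case b == nil:
		return "not-pem"
	case b.Headers["DEK-Info"] != "":
		return "legacy-encrypted-pem" // key derived with MD5 as above
	case b.Type == "ENCRYPTED PRIVATE KEY":
		return "pkcs8-encrypted"
	default:
		return "unencrypted"
	}
}

// constructedLegacyPEM is a constructed sample: real headers, made-up body.
var constructedLegacyPEM = pem.EncodeToMemory(&pem.Block{
	Type:    "RSA PRIVATE KEY",
	Headers: map[string]string{"Proc-Type": "4,ENCRYPTED", "DEK-Info": "AES-256-CBC,000102030405060708090A0B0C0D0E0F"},
	Bytes:   make([]byte, 32),
})

func main() {
	salt := []byte{0, 1, 2, 3, 4, 5, 6, 7} // first 8 bytes of the DEK-Info IV
	fmt.Println(classifyKey(constructedLegacyPEM))
	fmt.Printf("AES-256 key: %x\n", legacyPEMKey([]byte("passphrase"), salt, 32))
}
```

Running `classifyKey` over the key files a client or daemon loads gives an inventory of which ones still depend on the MD5 derivation.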