[GODRIVER-345] X509 needs to support password encrypted PEM files Created: 05/Apr/18  Updated: 06/Apr/18  Resolved: 06/Apr/18

Status: Closed
Project: Go Driver
Component/s: Authentication
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Minor - P4
Reporter: David Golden Assignee: David Golden
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Problem/Incident
causes GODRIVER-287 SSL client certificate should support... Closed

 Description   

The code for reading certs/keys in AddClientCertFromFile doesn't handle encrypted .pem data. I've done this on a fork of the TLS config code I'm using for TOOLS-1948 and integrating it back to the Go driver should be straightforward once the refactoring is complete.

Suggested steps:

  • Add an SSLCaFilePassword option
  • Pass both SSLCaFile and SSLCaFilePassword to AddClientCertFromFile
  • Within AddClientCertFromFile, use x509.DecryptPEMBlock if an encrypted PEM file is found


 Comments   
Comment by David Golden [ 06/Apr/18 ]

Dup of GODRIVER-287

Comment by Kristofer Brandow (Inactive) [ 05/Apr/18 ]

We already have a PR in progress for this.

Generated at Thu Feb 08 08:34:01 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.