Skip to content
This repository was archived by the owner on Apr 6, 2026. It is now read-only.

CERT-108 - CA private key is exposed#109

Merged
dborovcanin merged 3 commits into
absmach:mainfrom
nyagamunene:CERT-108
May 19, 2025
Merged

CERT-108 - CA private key is exposed#109
dborovcanin merged 3 commits into
absmach:mainfrom
nyagamunene:CERT-108

Conversation

@nyagamunene

@nyagamunene nyagamunene commented May 15, 2025

Copy link
Copy Markdown
Contributor

What type of PR is this?

This is a bug fix because it fixes the following issue: #108

What does this do?

It remove CA private key from endpoint and service layer

Which issue(s) does this PR fix/relate to?

Have you included tests for your changes?

No

Did you document any new/modified features?

No

Notes

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
@nyagamunene nyagamunene marked this pull request as ready for review May 15, 2025 14:42
Comment thread api/http/transport.go Outdated
Comment on lines 406 to 415
if len(resp.PrivateKey) > 0 {
f, err = zw.Create("ca.key")
if err != nil {
return err
}

if _, err = f.Write(resp.PrivateKey); err != nil {
return err
if _, err = f.Write(resp.PrivateKey); err != nil {
return err
}
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we don't really need any of this

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
@dborovcanin dborovcanin merged commit 7fa628b into absmach:main May 19, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Bug: CA private key is exposed

3 participants