Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-345

X509 needs to support password encrypted PEM files

    • Type: Icon: New Feature New Feature
    • Resolution: Duplicate
    • Priority: Icon: Minor - P4 Minor - P4
    • None
    • Affects Version/s: None
    • Component/s: Authentication
    • None

      The code for reading certs/keys in AddClientCertFromFile doesn't handle encrypted .pem data. I've done this on a fork of the TLS config code I'm using for TOOLS-1948 and integrating it back to the Go driver should be straightforward once the refactoring is complete.

      Suggested steps:

      • Add an SSLCaFilePassword option
      • Pass both SSLCaFile and SSLCaFilePassword to AddClientCertFromFile
      • Within AddClientCertFromFile, use x509.DecryptPEMBlock if an encrypted PEM file is found

            Assignee:
            david.golden@mongodb.com David Golden
            Reporter:
            david.golden@mongodb.com David Golden
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: