-
Type: New Feature
-
Resolution: Duplicate
-
Priority: Minor - P4
-
None
-
Affects Version/s: None
-
Component/s: Authentication
-
None
The code for reading certs/keys in AddClientCertFromFile doesn't handle encrypted .pem data. I've done this on a fork of the TLS config code I'm using for TOOLS-1948 and integrating it back to the Go driver should be straightforward once the refactoring is complete.
Suggested steps:
- Add an SSLCaFilePassword option
- Pass both SSLCaFile and SSLCaFilePassword to AddClientCertFromFile
- Within AddClientCertFromFile, use x509.DecryptPEMBlock if an encrypted PEM file is found
- causes
-
GODRIVER-287 SSL client certificate should support PEM files with passwords
- Closed