Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify public-private key pair obtained from vault used for TLS handshake #1073

Closed
jfallows opened this issue Jun 3, 2024 · 0 comments · Fixed by #1108
Closed

Verify public-private key pair obtained from vault used for TLS handshake #1073

jfallows opened this issue Jun 3, 2024 · 0 comments · Fixed by #1108
Assignees
@attilakreiner
Labels
story Feature description from user's perspective

Comments

@jfallows
Copy link
Contributor

jfallows commented Jun 3, 2024
edited
Loading

Describe the desired outcome from the user's perspective
As devops, I want to detect when zilla is misconfigured such that TLS private key does not match public key.

Acceptance criteria

  • Verify public-private key pair
  • Log event if public-private key pair is invalid

Additional context
By performing this check in the tls binding where the key pair is used, then each vault does not need to reimplement.

Note: there are at least two ways to approach this.
https://stackoverflow.com/questions/49426844/how-to-validate-a-public-and-private-key-pair-in-java
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@attilakreiner attilakreiner

Labels
story Feature description from user's perspective
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Verify public-private tls key pair attilakreiner/zilla
2 participants
@jfallows @attilakreiner