digital-asset/daml
1
1
Fork 0
mirror of https://github.com/digital-asset/daml.git synced 2024-11-10 10:46:11 +03:00
Code Issues Projects Releases Wiki Activity
46f6877ee5
daml/ledger/test-common/test-certificates
History
pbatko-da bd01a211f4
[DPP-418] Protect Participant TLS keys (#10629) 
Adding support for accepting server's private key as an encrypted file (since storing unencrypted private key in a file system might be a risk).

Encrypted private key is assumed to be encrypted using AES or similar algorithm. The details necessary to decrypt it are be obtained from a secrets server over HTTP as JSON document. The URL to secret's server is supplied through the new `--secrets-url` CLI parameter.

One can supply private in either plaintext (old behavior) or ciphertext: if a private key's file ends with .enc suffix it is assumed to be ciphertext. Otherwise it is assumed to be plain text.

CHANGELOG_BEGIN
- [DPP-418] [Participant] Add support for supplying server's private key as an encrypted file and then decrypting it with the help of a secrets server.
CHANGELOG_END
2021-08-30 09:24:52 +02:00
..
BUILD.bazel [DPP-418] Protect Participant TLS keys (#10629) 2021-08-30 09:24:52 +02:00
openssl-alternative-template.cnf --client-auth param for kvutils app [DPP-212] (#8589) 2021-01-28 13:21:43 +01:00
openssl-template.cnf fix (some) copyright headers (#8422) 2021-01-07 11:48:59 +01:00