kms icon indicating copy to clipboard operation
kms copied to clipboard

Published 20 hours ago verified publisher icon Cosmian

Support for Quick Cert functionality ?

Open bgrieder opened this issue 1 year ago • 1 comments

Before #101 , a non-KMIP-compliant quick cert functionality existed which would allow the creation of a cert and its chain by supplying minimal infos on the subject names. The keys would use X25519.

After #101 this should be doable with three calls:

  • a Import call to import the a PKCS#12 with the issuer private key and cert(s)

  • then for every new certificate

    • a CreateKeyPair call to generate a Key pair
    • a Certify call on the generated Public Key to generate a cert

    In my view, this is good enough to emulate the old functionality and has the benefit to be KMIP compliant while offering more flexibility on the encryption algorithms used.

    While we make the decision, the "quick cert" code, will be moved to a separate branch

bgrieder avatar Nov 26 '23 11:11 bgrieder

Code available in server/src/certificates/qui_cert in branch 103

bgrieder avatar Nov 26 '23 11:11 bgrieder

Can be closed since this PR https://github.com/Cosmian/kms/pull/248 solve the certificate generation.

Manuthor avatar Aug 20 '24 18:08 Manuthor