gnsi icon indicating copy to clipboard operation
gnsi copied to clipboard
verified publisher icon openconfig

AuthenticationArtifacts should contain both private key and certificate in single message

Open nkrishk opened this issue 3 months ago • 0 comments

As per proto, AuthenticationArtifacts should contain both private key and certificate in single message (it is not oneof message)

https://github.com/openconfig/gnsi/blob/main/credentialz/credentialz.proto#L761-L770

message ServerKeysRequest {
  message AuthenticationArtifacts {
    // Private key to be used by the SSH server.
    // OpenSSH-formatted.
    bytes private_key = 1;
    // SSH Certificate (server's public key signed by the Certificate Authority)
    // to be used by the SSH server.
    // OpenSSH-formatted.
    bytes certificate = 2;
  }

But as per credz test, private key and certificate are added as separate list

https://github.com/openconfig/featureprofiles/blob/main/internal/security/credz/credz.go#L280-L298

need clarity on this, based on this i will modify the test scripts

nkrishk avatar Sep 24 '25 08:09 nkrishk