Development #57005
x509: support certificates with human-friendly annotations
Statut:
Nouveau
Priorité:
Bas
Assigné à:
-
Catégorie:
-
Version cible:
-
Début:
16 septembre 2021
Echéance:
% réalisé:
0%
Temps estimé:
Patch proposed:
Non
Planning:
Non
Description
currently, in our private puppet repository, x509 certificates (as well as private keys) are annotated with human-friendly information.
for human-friendliness of unit-test certificates (including in software relying on lasso, e.g. authentic), such annotation would benefit from being supported by lasso.
fyi the annotation shell script relies on openssl cli, as follows :
for pem in *.pem *.key
do
if test -r $pem
then
echo " " $pem
openssl crl2pkcs7 -nocrl -certfile $pem | openssl pkcs7 -print_certs -text -out $pem.$$-new
openssl rsa -in $pem -text >> $pem.$$-new 2> /dev/null || /bin/true
mv $pem.$$-new $pem
fi
done