Open luxus opened 1 year ago
@luxus this is not currently a supported feature.
are there plans to implement it and is it hard/take a long time?
I do not believe there is currently any ongoing work to add such a feature.
In terms of difficulty to implement: I wouldn't think it is super hard but it probably isn't a one-weekend project either. The REST API itself is probably a trivial change. Where things get a little interesting would be goca.go, ca.go, and cert/cert.go; here you'd need to adjust a few function signatures to handle a password parameter and some additional branching to handle certs with passwords and certs without. Which in it of itself is just busy work. But designing for API compatibility would take a little thinking and you might also think about using a pre-allocated byte slice (rather than a string) to hold the password so the memory location could be overwritten after use which could add a wrinkle or two.
I think we can keep it open as a feature request. Maybe someone can implement it in the future.
Is it possible set passphrases while creating certificates and CA's via the api?