SSL encryption capability，Nebula cannot parse the encrypted key file

vesoft-inc / nebula

A distributed, fast open-source graph database featuring horizontal scalability and high availability

https://nebula-graph.io

Apache License 2.0

10.8k stars 1.2k forks source link

SSL encryption capability，Nebula cannot parse the encrypted key file #5862

Open vealfan opened 6 months ago

vealfan commented 6 months ago

After the SSL encryption capability is enabled, Nebula cannot parse the encrypted key file. As a result, the service cannot be started. Is there any solution to this problem?

QingZ11 commented 6 months ago

Is your issue the same as this one: https://github.com/vesoft-inc/nebula/issues/5859 ?

vealfan commented 6 months ago

yes，but But my scene is： After the RSA key pair is generated using openssl genrsa command, we encrypted the RSA key pair using openssl rsa command with AES-256-CBC. The key file encrypted using AES-256-CBC is used to meet security requirements. However, nebula may not be able to parse such a key file.

I have a question, what is the purpose of the password file? Because when we use the password file, nebula cannot decrypt the key file that is encrypted with the encryption algorithm.