Add flags to --init that allow for importing existing root key/cert
#731
Labels
Milestone
Comments
|
This functionality is crucial to make trust-pinning a useful feature in our usage scenario (where both pushing and pulling clients are trusted , but the Notary server itself is not). |
|
Experimental pull request here: #813 |
dnwake
pushed a commit
to dnwake/notary
that referenced
this issue
Jul 8, 2016
Addresses notaryproject#731 Signed-off-by: David Wake <dwake@box.com>
Closed
dnwake
pushed a commit
to dnwake/notary
that referenced
this issue
Jul 8, 2016
Addresses notaryproject#731 Signed-off-by: David Wake <dwake@box.com>
dnwake
pushed a commit
to dnwake/notary
that referenced
this issue
Jul 8, 2016
Addresses notaryproject#731 Signed-off-by: David Wake <dwake@box.com>
dnwake
pushed a commit
to dnwake/notary
that referenced
this issue
Jul 8, 2016
Addresses notaryproject#731 Signed-off-by: David Wake <dwake@box.com>
|
Keys is in, we're punting the certs side to the next release. Putting it in the 1.0 backlog for now, will likely get pulled in from there. |
|
We are currently working on an implementation for |
cyc115
pushed a commit
to cyc115/notary
that referenced
this issue
Oct 10, 2017
This will allow user to rotate a repository's root key to a pinned trust, make trust pinning more useful. - add `--rootcert` flag to key rotation - add `-y` flag to key rotate to allow auto-confirmation of rotating root keys (no user interaction required) - allow mismatched key-certificate pair to be provided. an example usage would be : The PR includes the following: `notary key rotate [GUN] root --key path/to/key.key --rootcert path/to/rootcert.pem` related issues: notaryproject#1144, notaryproject#1118, notaryproject#731 Signed-off-by: Chen Yuechuan-XJQW46 <Yuechuan.Chen@motorolasolutions.com>
endophage
pushed a commit
to cyc115/notary
that referenced
this issue
Oct 26, 2017
This will allow user to rotate a repository's root key to a pinned trust, make trust pinning more useful. - add `--rootcert` flag to key rotation - add `-y` flag to key rotate to allow auto-confirmation of rotating root keys (no user interaction required) - allow mismatched key-certificate pair to be provided. an example usage would be : The PR includes the following: `notary key rotate [GUN] root --key path/to/key.key --rootcert path/to/rootcert.pem` related issues: notaryproject#1144, notaryproject#1118, notaryproject#731 Signed-off-by: Chen Yuechuan-XJQW46 <Yuechuan.Chen@motorolasolutions.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Suggested flags are
--rootcertand--rootkey. We can be restrictive about the input formats we accept.The scope of this work should be expanded to also allow specific private and public keys to be provided to
notary key rotateThe text was updated successfully, but these errors were encountered: