Support ECDSA private keys. This is both:
How this looks today is unknown. However, it doesn't work given:
/opt/dirsrv/sbin/ns-slapd -d 0 -D /opt/dirsrv/etc/dirsrv/slapd-localhost Assertion failure: ((*privkey)->keyType) == rsaKey, at /home/william/development/389ds/ds/ldap/servers/slapd/ssl.c:2893 [1] 12717 abort /opt/dirsrv/sbin/ns-slapd -d 0 -D /opt/dirsrv/etc/dirsrv/slapd-localhost
This is important as it blocks us from using strong future proof cryptographic mechanisms in TLS.
This may be of interest to @mhonek.
Important would be establishment of a ECDSA type in the nss_ssl.py module so we can test this properly and programmatically.
Metadata Update from @mreynolds: - Custom field component adjusted to None - Custom field origin adjusted to None - Custom field reviewstatus adjusted to None - Custom field type adjusted to None - Custom field version adjusted to None - Issue set to the milestone: 1.4.1
@mhonek We've just had a request for this in #50160, so it would be great if you could look into this soon! Thanks,
Metadata Update from @mhonek: - Issue assigned to mhonek
Metadata Update from @mhonek: - Issue tagged with: RFE, Security
Metadata Update from @mreynolds: - Issue priority set to: normal - Issue set to the milestone: 1.4.4 (was: 1.4.1)
Metadata Update from @mreynolds: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1859298
Issue linked to Bugzilla: Bug 1859298
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/3069
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.