nebula

Commit Graph

Author	SHA1	Message	Date
Lars Lehtonen	dbdb48f182	cert: fix dropped errors (#961 )	2023-09-07 13:54:01 -04:00
John Maguire	a56a97e5c3	Add ability to encrypt CA private key at rest (#386 ) Fixes #8. `nebula-cert ca` now supports encrypting the CA's private key with a passphrase. Pass `-encrypt` in order to be prompted for a passphrase. Encryption is performed using AES-256-GCM and Argon2id for KDF. KDF parameters default to RFC recommendations, but can be overridden via CLI flags `-argon-memory`, `-argon-parallelism`, and `-argon-iterations`.	2023-04-03 13:59:38 -04:00

Author

SHA1

Message

Date

Lars Lehtonen

dbdb48f182

cert: fix dropped errors (#961 )

2023-09-07 13:54:01 -04:00

John Maguire

a56a97e5c3

Add ability to encrypt CA private key at rest (#386 )

Fixes #8.

`nebula-cert ca` now supports encrypting the CA's private key with a
passphrase. Pass `-encrypt` in order to be prompted for a passphrase.
Encryption is performed using AES-256-GCM and Argon2id for KDF. KDF
parameters default to RFC recommendations, but can be overridden via CLI
flags `-argon-memory`, `-argon-parallelism`, and `-argon-iterations`.

2023-04-03 13:59:38 -04:00

2 Commits