Merge pull request #16104 from ninjadq/generated_rsa_key_format

Fix: using traditional `PKCS#1` format RSA key
2025-05-21 14:26:36 +00:00 · 2021-12-10 14:15:34 +08:00 · 2021-12-10 14:15:34 +08:00 · 7a5bab1c3e
commit 7a5bab1c3e
parent eb8db3215c 12b5338985
2 changed files with 1 additions and 3 deletions
--- a/make/photon/prepare/utils/cert.py
+++ b/make/photon/prepare/utils/cert.py
@ -46,7 +46,7 @@ def get_alias(path):

@stat_decorator
 def create_root_cert(subj, key_path="./k.key", cert_path="./cert.crt"):
-   rc = subprocess.call(["/usr/bin/openssl", "genrsa", "-out", key_path, "4096"], stdout=DEVNULL, stderr=subprocess.STDOUT)
+   rc = subprocess.call(["/usr/bin/openssl", "genrsa", "-traditional", "-out", key_path, "4096"], stdout=DEVNULL, stderr=subprocess.STDOUT)
   if rc != 0:
        return rc
   return subprocess.call(["/usr/bin/openssl", "req", "-new", "-x509", "-key", key_path,\
--- a/tests/ci/api_common_install.sh
+++ b/tests/ci/api_common_install.sh
@ -59,8 +59,6 @@ sudo make compile build prepare COMPILETAG=compile_golangimage GOBUILDTAGS="incl

 # set the debugging env
 echo "GC_TIME_WINDOW_HOURS=0" | sudo tee -a ./make/common/config/core/env
-# TODO This is a temporary solution to core private_key
-sudo openssl rsa -in /data/secret/core/private_key.pem -out /data/secret/core/private_key.pem
 sudo make start

 # waiting 5 minutes to start