Yedidyah Bar David has posted comments on this change.
Change subject: pki: Add a script to extract parts of a PKCS#12 store
......................................................................
Patch Set 1: (1 inline comment)
....................................................
File packaging/bin/pki-pkcs12-extract.sh
Line 1: #!/bin/sh
Alon Bar-Lev wrote:
> why do we need this script? anyway, if we do, please also extract the
> certificate, and get as parameter the location you want to extract the key
> and certificate.
> Also, please call this pki-pkcs12-extract or something... and if output
> password is empty then you extract without password.
> And... do this in separate patch, as it is actually pki magic.
Didi's reply (not inline as gerrit will not allow further inlines anyway):
1. I think we need it. I do not like the mix of pki-* wrappers and direct calls
to openssl.
I made it behave similarly to the other pki-* scripts, e.g. in doing everything
in fixed locations. I understand why here you
want a change - because you want to allow the user choose a different name for
'nopass' keys. Do we really need that?
I do not see a point in creating a script with as many options and flexibility
as 'openssl pkcs12', that's the whole point of it.
2. You create a cert in pki-enroll-pkcs12.sh (by calling pki-enroll-request.sh)
and then do not remove it after creating the p12 file.
3. Renamed, as I also thought about this name before, but decided to make it
more specific both in name and function.
Now let's decide if we want this script, want to change others, what each one
does, then decide about names.
Perhaps it's better done on a mailing list, dunno.
Line 2:
Line 3: extractkey() {
Line 4: local name="$1"
Line 5: local pass="$2"
--
To view, visit http://gerrit.ovirt.org/17562
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ica596fe3ef4e5f0a60ae99b0934b10433b9d5023
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yedidyah Bar David <[email protected]>
Gerrit-Reviewer: Yedidyah Bar David <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
