|
Post by adamp on Jan 24, 2023 10:02:08 GMT
Please consider adding PKCS#1 private key format as a valid option to Certificate related resources.
Currently: Redfish Data Model Specification 6.16.5.2.2 PEM: "The private key shall be encoded as described in section 10 of RFC7468" The section 10 of RFC7468 describes only PKCS#8 private key format as a valid option.
Request to add: PKCS#1 private key format using delimiters -----BEGIN RSA PRIVATE KEY-----, -----END RSA PRIVATE KEY-----
Explanation: We are going to use original Redfish resources whenever possible in Fujitsu Limited. We are using iRMC server view to manage our Primergy servers. The iRMC web server accepts PKCS#1 private key along with TLS certificate, therefore PKCS#1 support in Redfish is needed to use Certificate related resources.
|
|
|
Post by mraineri on Jan 24, 2023 13:58:44 GMT
Thanks; I'll raise this for a discussion.
|
|
|
Post by mraineri on Mar 17, 2023 14:38:09 GMT
The forum doesn't see the need to add PKCS 1 here. One challenge with PKCS 1 is there is no formal RFC that defines the delimiters in the PEM file. Another challenge is that it puts a burden on clients to discover what type of key format they need to supply. In addition, all PKCS 1 keys can be translated into PKCS 8 with existing tools, so the burden on the service appears minimal to support PKCS 8.
|
|