Feature Request: DER certificates.

Question

Feature Request: DER certificates.

siennathesane opened this issue 5 years ago · 2 comments

What version of the credhub server you are using?

$ credhub --version
CLI Version: 2.5.2
Server Version: 2.5.7

What version of the credhub cli you are using?

$ credhub --version
CLI Version: 2.5.2
Server Version: 2.5.7

If you were attempting to accomplish a task, what was it you were attempting to do?

Create a new DER-formatted certificate. It would be nice if there was an option for using DER-formatted certificates as part of the certificate generation process. SAML 2.0 requires DER-formatted certificates, so these certificates cannot be generated or managed by Credhub as Credhub only supports PEM-formatted certificates.

Answer 1 · 2020-02-06T17:08:39.000Z

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/171132620

The labels on this github issue will be updated when the story is started.

Answer 2 · 2020-02-24T19:31:58.000Z

@mxplusb - we would like to maintain a single x509 encoding format in our server for engineering simplicity. There is an argument that could be made to do in the CredHub CLI. At this time, we will not be prioritizing this feature, but please feel free to open a PR in the CLI if you wish to move forward with this feature. In the meantime, if you aren't already, we recommend using openssl to convert from DER to PEM.