279583 – security/step-certificates: support various password-related startup options

Bug 279583 - security/step-certificates: support various password-related startup options

Summary: security/step-certificates: support various password-related startup options

Status:	New

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	freebsd-ports-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2024-06-08 04:26 UTC by Robert William Vesterman
Modified:	2024-06-08 04:26 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (mw)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert William Vesterman 2024-06-08 04:26:17 UTC

The step-ca server has several different password-related startup command line options for different purposes, including but perhaps not limited to:

--password-file
--ssh-host-password-file
--ssh-user-password-file
--issuer-password-file
--provisioner-password-file

Of these, the FreeBSD rc.d script only seems to support --password-file. Things can still *work*, because if a more specific one is missing, it will default to the value of --password-file (although see note below), but it would be best to use the more specific ones as appropriate.

NOTE: I'm unfamiliar with --issuer-password-file, and I don't know for sure that it will default to --password-file like the others do.

Thanks.