Skip to content

Commit

Permalink
do not save private keys, even if we receive them
Browse files Browse the repository at this point in the history
  • Loading branch information
jschlyter committed Dec 2, 2024
1 parent 3806ae8 commit a016cb3
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion nodeman/nodes.py
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,7 @@ async def enroll_node(
except InvalidJWSSignature as exc:
logger.warning("Invalid proof-of-possession signature from %s", name, extra={"nodename": name})
raise HTTPException(status.HTTP_401_UNAUTHORIZED, detail="Invalid proof-of-possession signature") from exc
node.public_key = public_key.export(as_dict=True)
node.public_key = public_key.export(as_dict=True, private_key=False)

# Verify X.509 CSR and issue certificate
x509_csr = x509.load_pem_x509_csr(message["x509_csr"].encode())
Expand Down

0 comments on commit a016cb3

Please sign in to comment.