Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[V2] Use PFX Certificates for Client Auth instead of PEM #327 #330

Merged
merged 6 commits into from
Aug 11, 2023
Merged

[V2] Use PFX Certificates for Client Auth instead of PEM #327 #330

merged 6 commits into from
Aug 11, 2023

Conversation

JenGoldstrich
Copy link
Contributor

Duplicate of #327

In the new SDK we are using in v2 client certificates behave the way they do for the Terraform Provider https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/guides/service_principal_client_certificate using .pfx files only. This also allows user to use password protected certificates which is preferred for security. This will require users to generate new certificates sadly which is a breaking change

Adds client_cert_password field, as most pfx files are password protected and the SDK supports this

Removes client_cert_timeout field, which is not supported in the new SDK

This PR has a messy diff since its on top of my fork with all of V2 migration, but the main changers are in the azure_authorizer file, and in the common client config

Closes #46

@JenGoldstrich JenGoldstrich requested a review from a team as a code owner August 11, 2023 19:33
lbajolet-hashicorp
lbajolet-hashicorp approved these changes Aug 11, 2023
View reviewed changes
Copy link
Contributor

@lbajolet-hashicorp lbajolet-hashicorp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@JenGoldstrich JenGoldstrich merged commit 95012a5 into hashicorp:main Aug 11, 2023
11 checks passed
@JenGoldstrich JenGoldstrich added breaking-change version/bump major A PR that breaks backwards compatibility. enhancement security Security issues/fixes. labels Aug 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lbajolet-hashicorp lbajolet-hashicorp lbajolet-hashicorp approved these changes

Assignees
No one assigned
Labels
breaking-change enhancement security Security issues/fixes. version/bump major A PR that breaks backwards compatibility.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Azure Builder: certificate in .pem format is required for authentication using client_cert_path
2 participants
@JenGoldstrich @lbajolet-hashicorp