IPSec requires the private key of system-local-ca to be RSA, and
while the usage of other types of keys is under consideration, it
still needs to be implemented. Also, other types of keys where
never validated for other services that use certificates issued from
system-local-ca, such as LDAP, Docker Registry, and so on.
Considering this, this review includes an upgrade precheck that will
prevent an user to upgrade from a system with non RSA keys. This
precheck needs to be re evaluated in the future if we support other
types of keys.
Test Plan:
PASS: With an stx 8 system with ECC key in system-local-ca:
- Loaded designer iso for stx 10;
- Run 'software deploy precheck';
- Observed that a message is displayed to the user, informing
that only RSA keys are supported and the procedure to update
system-local-ca.
PASS: With an stx 8 system with RSA key in system-local-ca:
- Loaded designer iso for stx 10;
- Run 'software deploy precheck';
- Observed that the precheck passes. No message regarding
system-local-ca's private key is displayed.
Story: 2010940
Task: 51238
Change-Id: I6315b6018e755cf80d7e1f6a01909fb5ddb15ba4
Signed-off-by: Marcelo de Castro Loebens <Marcelo.DeCastroLoebens@windriver.com>
0bbb7fb9d7