[PR #1789] [CLOSED] Only create private key in pem format if it doesn't already exist #3005

New issue

Closed

opened 2026-03-03 09:09:19 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 09:09:19 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/1789
Author: @Bobonium
Created: 6/22/2021
Status: ❌ Closed

Base: main ← Head: main

📝 Commits (1)

d5cde07 Only create private key in pem format if it doesn't already exist

📊 Changes

1 file changed (+13 additions, -11 deletions)

View changed files

📝 src/main.rs (+13 -11)

📄 Description

The original logic checks if the private and public key are available in the .der format, but ignores the private key in .pem format.

This change does not have any impact on the already working setups, it merely enables the User to only provide a single private key in .pem format.

My use case is simple. I deploy vaultwarden on kubernetes through terraform and I'm unable to create private keys in .der format directly. By simply checking for an existing .pem key first, I can simply mount the key that I've created with terraform and on startup the application will automatically convert it to the correct format.

Since the CONFIG provides methods to get the key names I also switched to using those instead of generating the names.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/1789 **Author:** [@Bobonium](https://github.com/Bobonium) **Created:** 6/22/2021 **Status:** ❌ Closed **Base:** `main` ← **Head:** `main` --- ### 📝 Commits (1) - [`d5cde07`](https://github.com/dani-garcia/vaultwarden/commit/d5cde07563cbc225cdb7949a4b1276981abd67f7) Only create private key in pem format if it doesn't already exist ### 📊 Changes **1 file changed** (+13 additions, -11 deletions) <details> <summary>View changed files</summary> 📝 `src/main.rs` (+13 -11) </details> ### 📄 Description The original logic checks if the private and public key are available in the `.der` format, but ignores the private key in `.pem` format. This change does not have any impact on the already working setups, it merely enables the User to only provide a single private key in `.pem` format. My use case is simple. I deploy vaultwarden on kubernetes through terraform and I'm unable to create private keys in `.der` format directly. By simply checking for an existing `.pem` key first, I can simply mount the key that I've created with terraform and on startup the application will automatically convert it to the correct format. Since the `CONFIG` provides methods to get the key names I also switched to using those instead of generating the names. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>