Traffic Vault: Reencrypt utility wipes different SSL Keys during update #7158
Labels
bug
something isn't working as intended
low difficulty
the estimated level of effort to resolve this issue is low
medium impact
impacts a significant portion of a CDN, or has the potential to do so
Traffic Vault
related to Traffic Vault
This Bug Report affects these Traffic Control components:
Current behavior:
When running the
reencrypt
utility located attrafficcontrol/traffic_ops/app/db/reencrypt/reencrypt.go
for SSL Keys (misnomer) all versions of the SSL Keys entries are replaced by a single entry multiple times. As an example, if a delivery service has multiple "versions" of SSL Key data information, all of them are reencrypted into a single data blob for every version.Before running
reencrypt
:After running
reencrypt
(notice the data columns have the same value for each DS, regardless of the version):Expected behavior:
Each row should be uniquely decrypted and reencrypted resulting in a different correctly encrypted data for each delivery service ssl key version.
Steps to reproduce:
Execute the
reencrypt
utility on a Traffic Vault dump with a delivery service that has 3 or more entries (2 or more versions plus 'latest') for SSL Keys.The text was updated successfully, but these errors were encountered: