BetterFrame

BetterCorp/BetterFrame

Fork 0

mirror of https://github.com/BetterCorp/BetterFrame.git synced 2026-05-26 16:56:33 +00:00

Commit graph

Author	SHA1	Message	Date
Mitchell R	c4ce9e7880	fix(rauc): switch signing keys from Ed25519 to ECDSA P-256 RAUC uses OpenSSL CMS signing. CMS doesn't support Ed25519 on OpenSSL < 3.2 — Ubuntu 24.04 ships 3.0.13 → "pkey nid=1087" error. ECDSA P-256 is universally supported in CMS, fast, and small. Operator must regenerate keys + re-set GitHub secrets: rm -rf rauc-signing bash scripts/gen-rauc-signing-keys.sh cp rauc-signing/ca-cert.pem deploy/rauc/ca-cert.pem git add + commit + push Update BF_RAUC_SIGNING_CERT + BF_RAUC_SIGNING_KEY secrets	2026-05-21 15:45:26 +02:00
Mitchell R	f339fe8e67	chore: add Windows PowerShell version of RAUC key gen script	2026-05-21 13:40:05 +02:00

Author

SHA1

Message

Date

Mitchell R

c4ce9e7880

fix(rauc): switch signing keys from Ed25519 to ECDSA P-256

RAUC uses OpenSSL CMS signing. CMS doesn't support Ed25519 on
OpenSSL < 3.2 — Ubuntu 24.04 ships 3.0.13 → "pkey nid=1087" error.
ECDSA P-256 is universally supported in CMS, fast, and small.

Operator must regenerate keys + re-set GitHub secrets:
  rm -rf rauc-signing
  bash scripts/gen-rauc-signing-keys.sh
  cp rauc-signing/ca-cert.pem deploy/rauc/ca-cert.pem
  git add + commit + push
  Update BF_RAUC_SIGNING_CERT + BF_RAUC_SIGNING_KEY secrets

2026-05-21 15:45:26 +02:00

Mitchell R

f339fe8e67

chore: add Windows PowerShell version of RAUC key gen script

2026-05-21 13:40:05 +02:00

2 commits