From 5e85c02f376d4714156bcd5b2d9e76e82f3e35ad Mon Sep 17 00:00:00 2001 From: dotdister Date: Tue, 30 Sep 2025 20:38:49 +0900 Subject: [PATCH] neon_local: fix mismatched comment about local SSL certificate generation (#12814) ## Problem In control_plane, the local SSL certificate generation uses `ed25519`, but the comment still remained `rsa:2048`, resulting in a mismatch. This mismatch was introduced in #11542. ## Summary of changes The comment has been corrected from `rsa:2048` to `ed25519` to ensure consistency with the implementation. --- control_plane/src/local_env.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/control_plane/src/local_env.rs b/control_plane/src/local_env.rs index d34dd39f61..2d183e3c63 100644 --- a/control_plane/src/local_env.rs +++ b/control_plane/src/local_env.rs @@ -1074,7 +1074,7 @@ fn generate_auth_keys(private_key_path: &Path, public_key_path: &Path) -> anyhow } fn generate_ssl_ca_cert(cert_path: &Path, key_path: &Path) -> anyhow::Result<()> { - // openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=Neon Local CA" -days 36500 \ + // openssl req -x509 -newkey ed25519 -nodes -subj "/CN=Neon Local CA" -days 36500 \ // -out rootCA.crt -keyout rootCA.key let keygen_output = Command::new("openssl") .args([ @@ -1104,7 +1104,7 @@ fn generate_ssl_cert( let mut csr_path = cert_path.to_path_buf(); csr_path.set_extension(".csr"); - // openssl req -new -nodes -newkey rsa:2048 -keyout server.key -out server.csr \ + // openssl req -new -nodes -newkey ed25519 -keyout server.key -out server.csr \ // -subj "/CN=localhost" -addext "subjectAltName=DNS:localhost,IP:127.0.0.1" let keygen_output = Command::new("openssl") .args(["req", "-new", "-nodes"])