Dont create ca certs quite yet

2026-02-18 02:46:37 +00:00 · 2026-02-17 14:48:13 -08:00
parent d00262dc31
commit 8315d4b6ae
2 changed files with 11 additions and 11 deletions
--- a/server/lib/createUserAccountOrg.ts
+++ b/server/lib/createUserAccountOrg.ts
@@ -82,9 +82,9 @@ export async function createUserAccountOrg(
        const utilitySubnet = config.getRawConfig().orgs.utility_subnet_group;

        // Generate SSH CA keys for the org
-        const ca = generateCA(`${orgId}-ca`);
-        const encryptionKey = config.getRawConfig().server.secret!;
-        const encryptedCaPrivateKey = encrypt(ca.privateKeyPem, encryptionKey);
+        // const ca = generateCA(`${orgId}-ca`);
+        // const encryptionKey = config.getRawConfig().server.secret!;
+        // const encryptedCaPrivateKey = encrypt(ca.privateKeyPem, encryptionKey);

        const newOrg = await trx
            .insert(orgs)
@@ -95,8 +95,8 @@ export async function createUserAccountOrg(
                subnet: "100.90.128.0/24", // TODO: this should not be hardcoded - or can it be the same in all orgs?
                utilitySubnet: utilitySubnet,
                createdAt: new Date().toISOString(),
-                sshCaPrivateKey: encryptedCaPrivateKey,
-                sshCaPublicKey: ca.publicKeyOpenSSH
+                // sshCaPrivateKey: encryptedCaPrivateKey,
+                // sshCaPublicKey: ca.publicKeyOpenSSH
            })
            .returning();

--- a/server/routers/org/createOrg.ts
+++ b/server/routers/org/createOrg.ts
@@ -145,10 +145,10 @@ export async function createOrg(
                .from(domains)
                .where(eq(domains.configManaged, true));

-            // Generate SSH CA keys for the org
-            const ca = generateCA(`${orgId}-ca`);
-            const encryptionKey = config.getRawConfig().server.secret!;
-            const encryptedCaPrivateKey = encrypt(ca.privateKeyPem, encryptionKey);
+            // // Generate SSH CA keys for the org
+            // const ca = generateCA(`${orgId}-ca`);
+            // const encryptionKey = config.getRawConfig().server.secret!;
+            // const encryptedCaPrivateKey = encrypt(ca.privateKeyPem, encryptionKey);

            const newOrg = await trx
                .insert(orgs)
@@ -158,8 +158,8 @@ export async function createOrg(
                    subnet,
                    utilitySubnet,
                    createdAt: new Date().toISOString(),
-                    sshCaPrivateKey: encryptedCaPrivateKey,
-                    sshCaPublicKey: ca.publicKeyOpenSSH
+                    // sshCaPrivateKey: encryptedCaPrivateKey,
+                    // sshCaPublicKey: ca.publicKeyOpenSSH
                })
                .returning();