
Conversation

@joelverhagen (Contributor) commented Oct 23, 2025

Motivation and Context

This allows the private key used for DNS- or HTTP-based authentication to be stored securely in a cloud key management system. These services often provide HSM storage, which makes it very hard to leak the private key.

The full context is described in my design document here:
#482 (comment)

How Has This Been Tested?

I have tested it against PROD using an Ed25519 key stored in Google KMS. I have added unit tests. I have tested both ECDSA P-384 and Ed25519 with Az KV and Google KMS against a locally running server.

Breaking Changes

None intended.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

@joelverhagen marked this pull request as draft October 23, 2025 14:37
@joelverhagen force-pushed the joelverhagen/azkv branch 2 times, most recently from 4daf89b to 60001e6, October 23, 2025 15:13
@joelverhagen marked this pull request as ready for review October 23, 2025 15:16
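The PR description names the two key types it was tested with (Ed25519 and ECDSA P-384) and the design goal that the private key stays inside a KMS. The added example below is not code from this PR or from the registry project; it illustrates the shape such an integration takes in Go: the publisher-side code depends only on a `crypto.Signer`-style interface (here named `challengeSigner`, a hypothetical name), so a KMS-backed signer can be substituted without the key bytes ever entering the process. Locally generated keys stand in for the KMS, the challenge string is a constructed sample, and the split between "sign the raw message" (Ed25519) and "sign a SHA-384 digest" (ECDSA P-384) is the detail a KMS wrapper has to get right, since HSM signing APIs commonly take a precomputed digest for ECDSA but raw data for Ed25519. No Azure or Google API is called.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"fmt"
	"io"
)

// challengeSigner is the narrow interface the signing code depends on
// (hypothetical name, not the project's own). crypto.Signer satisfies it,
// and a KMS client can implement it without exposing private key material.
type challengeSigner interface {
	Public() crypto.PublicKey
	Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
}

// signChallenge produces a detached signature over the challenge.
// Ed25519 signs the raw message (crypto.Hash(0) means "no prehash");
// ECDSA P-384 signs a SHA-384 digest. Passing the wrong form to a KMS
// backend yields a signature the verifier will reject.
func signChallenge(s challengeSigner, challenge []byte) ([]byte, error) {
	switch s.Public().(type) {
	case ed25519.PublicKey:
		return s.Sign(rand.Reader, challenge, crypto.Hash(0))
	case *ecdsa.PublicKey:
		d := sha512.Sum384(challenge)
		return s.Sign(rand.Reader, d[:], crypto.SHA384)
	default:
		return nil, fmt.Errorf("unsupported key type %T", s.Public())
	}
}

// verifyChallenge is the verifier-side check, given only the public key.
// ECDSA signatures from crypto.Signer are ASN.1 DER encoded.
func verifyChallenge(pub crypto.PublicKey, challenge, sig []byte) bool {
	switch k := pub.(type) {
	case ed25519.PublicKey:
		return ed25519.Verify(k, challenge, sig)
	case *ecdsa.PublicKey:
		d := sha512.Sum384(challenge)
		return ecdsa.VerifyASN1(k, d[:], sig)
	default:
		return false
	}
}

// roundTrip generates a local key of each supported type (standing in for
// a KMS-held key), signs a constructed challenge, and returns true only if
// the genuine signature verifies and a tampered challenge does not.
func roundTrip() (bool, error) {
	challenge := []byte("2025-10-23T15:16:00Z") // constructed sample challenge
	_, edPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, err
	}
	ecPriv, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	if err != nil {
		return false, err
	}
	for _, s := range []challengeSigner{edPriv, ecPriv} {
		sig, err := signChallenge(s, challenge)
		if err != nil {
			return false, err
		}
		if !verifyChallenge(s.Public(), challenge, sig) {
			return false, nil
		}
		tampered := append([]byte("X"), challenge[1:]...)
		if verifyChallenge(s.Public(), tampered, sig) {
			return false, nil
		}
	}
	return true, nil
}

func main() {
	ok, err := roundTrip()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Println("both key types round-trip:", ok)
}
```

Swapping in a real KMS means implementing `Public()` (fetch and cache the public key from the service) and `Sign()` (send the digest or raw message to the service and return its signature); the rest of the code, and the verifier, stay unchanged.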
