Certificate rotation without backup

[e-gineer]

Description

In removeExpiringSelfIssuedCertificates(), when certificates are removed for regeneration, the old certificates are deleted without backup. If regeneration fails, users lose their certificates with no way to recover.

Severity

LOW - Data loss potential

Test Reference

Test: TestRemoveExpiringSelfIssuedCertificates in pkg/db/db_local/ssl_test.go:86 (skipped)

Suggested Fix

Create timestamped backups of old certificates before removal, similar to how database backups are retained.

Related Code

• pkg/db/db_local/ssl.go:33-63

[e-gineer]

Closing this issue as low priority after deeper analysis of the certificate rotation implementation.

Why the risk is minimal:

1. Self-issued certificates: These are locally-generated SSL certificates for the embedded Postgres database, not CA-issued certificates. They can be regenerated at any time.

2. Root private key persists: Looking at removeAllCertificates() in ssl.go:98-108, the root private key is intentionally NOT deleted during rotation:

   // remove the root cert (but not key)
   if err := os.Remove(filepaths.GetRootCertLocation()); err != nil {
       return err
   }

   This ensures continuity - new certificates can be generated with the same root key.

3. Regeneration failures would also prevent backups: Common failure scenarios (disk full, permission issues) would equally prevent writing backup files.

4. No irreplaceable data at risk: Unlike user data or externally-issued certificates, these self-signed certificates are ephemeral by design.

Certificate lifecycle:

• Root CA: Expires year 9999 (essentially never)
• Server cert: Expires in 3 years, rotates at 75% lifetime
• Both can be regenerated on-demand using standard crypto libraries

Assessment:
While the suggested fix follows general backup best practices, it adds complexity for minimal practical benefit. The certificates are designed to be regenerable, and the root key persistence ensures smooth rotation.

Marking as low priority / won't fix to focus on more impactful improvements.