18 Commits

Author	SHA1	Message	Date
Kyle Havlovitz	a67bfa2c1b	connect/ca: use weak type decoding in the Vault config parsing	2018-06-25 12:25:42 -07:00
Kyle Havlovitz	f3089a6647	connect/ca: undo the interface changes and use sign-self-issued in Vault	2018-06-25 12:25:42 -07:00
Kyle Havlovitz	f79e3e3fa5	connect/ca: add leaf verify check to cross-signing tests	2018-06-25 12:25:41 -07:00
Kyle Havlovitz	cea94d0bcf	connect/ca: update Consul provider to use new cross-sign CSR method	2018-06-25 12:25:41 -07:00
Kyle Havlovitz	675555c4ff	connect/ca: update Vault provider to add cross-signing methods	2018-06-25 12:25:41 -07:00
Kyle Havlovitz	a97c44c1ba	connect/ca: add URI SAN support to the Vault provider	2018-06-25 12:25:41 -07:00
Kyle Havlovitz	7b0845ccde	connect/ca: fix vault provider URI SANs and test	2018-06-25 12:25:41 -07:00
Kyle Havlovitz	a98b85b25c	connect/ca: add the Vault CA provider	2018-06-25 12:25:41 -07:00
Paul Banks	6ecc0c8099	Sign certificates valid from 1 minute earlier to avoid failures caused by clock drift	2018-06-25 12:25:41 -07:00
Paul Banks	824a9b4943	Actually return Intermediate certificates bundled with a leaf!	2018-06-25 12:25:40 -07:00
Kyle Havlovitz	54bc937fed	Re-use uint8ToString	2018-06-14 09:42:23 -07:00
Kyle Havlovitz	4d46bba2c4	Support giving the duration as a string in CA config	2018-06-14 09:42:22 -07:00
Paul Banks	30d90b3be4	Generate CSR using real trust-domain	2018-06-14 09:42:16 -07:00
Paul Banks	c808833a78	Return TrustDomain from CARoots RPC	2018-06-14 09:42:15 -07:00
Kyle Havlovitz	d1265bc38b	Rename some of the CA structs/files	2018-06-14 09:42:15 -07:00
Kyle Havlovitz	baf4db1c72	Use provider state table for a global serial index	2018-06-14 09:42:15 -07:00
Kyle Havlovitz	5998623c44	Add test for ca config http endpoint	2018-06-14 09:42:15 -07:00
Kyle Havlovitz	c90b353eea	Move connect CA provider to separate package	2018-06-14 09:42:15 -07:00