Hans Hasselberg 315ba7d6ad connect: check if intermediate cert needs to be renewed. (#6835) ... Currently when using the built-in CA provider for Connect, root certificates are valid for 10 years, however secondary DCs get intermediates that are valid for only 1 year. There is no mechanism currently short of rotating the root in the primary that will cause the secondary DCs to renew their intermediates. This PR adds a check that renews the cert if it is half way through its validity period. In order to be able to test these changes, a new configuration option was added: IntermediateCertTTL which is set extremely low in the tests.		2020-01-17 23:27:13 +01:00
..
ca	connect: check if intermediate cert needs to be renewed. (#6835)	2020-01-17 23:27:13 +01:00
common_names.go	connect: Add AWS PCA provider (#6795)	2019-11-21 17:40:29 +00:00
csr.go	auto_encrypt: set dns and ip san for k8s and provide configuration (#6944)	2020-01-17 23:25:26 +01:00
generate.go	connect: Support RSA keys in addition to ECDSA (#6055)	2019-07-30 17:47:39 -04:00
generate_test.go	Fix support for RSA CA keys in Connect. (#6638)	2019-11-01 13:20:26 +00:00
parsing.go	Fix support for RSA CA keys in Connect. (#6638)	2019-11-01 13:20:26 +00:00
sni.go	connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340)	2019-08-19 13:03:03 -05:00
sni_test.go	connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340)	2019-08-19 13:03:03 -05:00
testing_ca.go	connect: check if intermediate cert needs to be renewed. (#6835)	2020-01-17 23:27:13 +01:00
testing_ca_test.go	Fix support for RSA CA keys in Connect. (#6638)	2019-11-01 13:20:26 +00:00
testing_spiffe.go
uri.go
uri_agent.go
uri_agent_test.go
uri_service.go	Intentions ACL enforcement updates (#7028)	2020-01-13 15:51:40 -05:00
uri_service_test.go	Intentions ACL enforcement updates (#7028)	2020-01-13 15:51:40 -05:00
uri_signing.go
uri_signing_test.go
uri_test.go