open-consul

History

Freddy 137bfbb02b Update public listener with SPIFFE Validator Envoy's SPIFFE certificate validation extension allows for us to validate against different root certificates depending on the trust domain of the dialing proxy. If there are any trust bundles from peers in the config snapshot then we use the SPIFFE validator as the validation context, rather than the usual TrustedCA. The injected validation config includes the local root certificates as well.	2022-06-01 17:06:33 -06:00
..
testing.go	Update public listener with SPIFFE Validator	2022-06-01 17:06:33 -06:00

Freddy 137bfbb02b Update public listener with SPIFFE Validator

Envoy's SPIFFE certificate validation extension allows for us to
validate against different root certificates depending on the trust
domain of the dialing proxy.

If there are any trust bundles from peers in the config snapshot then we
use the SPIFFE validator as the validation context, rather than the
usual TrustedCA.

The injected validation config includes the local root certificates as
well.

2022-06-01 17:06:33 -06:00

testing.go

Update public listener with SPIFFE Validator

2022-06-01 17:06:33 -06:00