open-consul

History

Daniel Nephin 44f9229b96 ca: add a test that uses an intermediate CA as the primary CA This test found a bug in the secondary. We were appending the root cert to the PEM, but that cert was already appended. This was failing validation in Vault here: https://github.com/hashicorp/vault/blob/sdk/v0.3.0/sdk/helper/certutil/types.go#L329 Previously this worked because self signed certs have the same SubjectKeyID and AuthorityKeyID. So having the same self-signed cert repeated doesn't fail that check. However with an intermediate that is not self-signed, those values are different, and so we fail the check. A test I added in a previous commit should show that this continues to work with self-signed root certs as well.		2022-02-02 13:41:35 -05:00
..
ca	ca: add a test that uses an intermediate CA as the primary CA	2022-02-02 13:41:35 -05:00
authz.go
authz_test.go
common_names.go
csr.go
generate.go
generate_test.go	bulk rewrite using this script	2022-01-20 10:46:23 -06:00
parsing.go
sni.go	Leave todo about default name	2021-10-27 11:15:25 -06:00
sni_test.go
testing_ca.go
testing_ca_test.go	bulk rewrite using this script	2022-01-20 10:46:23 -06:00
testing_spiffe.go
uri.go	auto-config: ensure the feature works properly with partitions (#11699 )	2021-12-01 13:32:34 -06:00
uri_agent.go
uri_agent_oss.go	re-run gofmt on 1.17 (#11579 )	2021-11-16 12:04:01 -06:00
uri_agent_oss_test.go	re-run gofmt on 1.17 (#11579 )	2021-11-16 12:04:01 -06:00
uri_service.go
uri_service_oss.go	re-run gofmt on 1.17 (#11579 )	2021-11-16 12:04:01 -06:00
uri_service_oss_test.go	re-run gofmt on 1.17 (#11579 )	2021-11-16 12:04:01 -06:00
uri_signing.go	ca: accept only the cluster ID to SpiffeIDSigningForCluster	2021-11-16 16:57:21 -05:00
uri_signing_test.go	ca: accept only the cluster ID to SpiffeIDSigningForCluster	2021-11-16 16:57:21 -05:00
uri_test.go	auto-config: ensure the feature works properly with partitions (#11699 )	2021-12-01 13:32:34 -06:00
x509_patch.go
x509_patch_test.go