luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/command/connect
History
Hans Hasselberg 315ba7d6ad
connect: check if intermediate cert needs to be renewed. (#6835) 
Currently when using the built-in CA provider for Connect, root certificates are valid for 10 years, however secondary DCs get intermediates that are valid for only 1 year. There is no mechanism currently short of rotating the root in the primary that will cause the secondary DCs to renew their intermediates.
This PR adds a check that renews the cert if it is half way through its validity period.

In order to be able to test these changes, a new configuration option was added: IntermediateCertTTL which is set extremely low in the tests.
 		2020-01-17 23:27:13 +01:00
..
ca connect: check if intermediate cert needs to be renewed. (#6835) 2020-01-17 23:27:13 +01:00
envoy Add support for dual stack IPv4/IPv6 network (#6640) 2020-01-17 09:54:17 -05:00
proxy Fix consul connect token env variable doc (#5942) 2019-12-04 14:01:03 -06:00
connect.go Original proxy and connect.Client implementation. Working end to end. 2018-06-14 09:41:56 -07:00
connect_test.go Builtin tls helper (#5078) 2018-12-19 09:22:49 +01:00