luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/connect
History
Daniel Nephin 6721c1246d ca: relax and move private key type/bit validation for vault 
This commit makes two changes to the validation.

Previously we would call this validation in GenerateRoot, which happens
both on initialization (when a follower becomes leader), and when a
configuration is updated. We only want to do this validation during
config update so the logic was moved to the UpdateConfiguration
function.

Previously we would compare the config values against the actual cert.
This caused problems when the cert was created manually in Vault (not
created by Consul).  Now we compare the new config against the previous
config. Using a already created CA cert should never error now.

Adding the key bit and types to the config should only error when
the previous values were not the defaults.
 		2022-02-03 17:21:20 -05:00
..
ca ca: relax and move private key type/bit validation for vault 2022-02-03 17:21:20 -05:00
authz.go Ensure partition is defaulted in authz 2021-09-16 14:39:01 -06:00
authz_test.go Remove ent checks from oss test 2021-09-16 14:53:28 -06:00
common_names.go connect/ca: cease including the common name field in generated certs (#10424) 2021-06-25 13:00:00 -05:00
csr.go connect/ca: cease including the common name field in generated certs (#10424) 2021-06-25 13:00:00 -05:00
generate.go connect: add validations around intermediate cert ttl (#7213) 2020-02-11 00:05:49 +01:00
generate_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
parsing.go Fix support for RSA CA keys in Connect. (#6638) 2019-11-01 13:20:26 +00:00
sni.go Leave todo about default name 2021-10-27 11:15:25 -06:00
sni_test.go Account for partition in SNI for gateways 2021-10-27 11:15:25 -06:00
testing_ca.go ca: remove unused RotationPeriod field 2021-07-05 19:15:44 -04:00
testing_ca_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
testing_spiffe.go connect: Add logic for updating secondary DC intermediate on config set 2020-11-13 14:33:44 -08:00
uri.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
uri_agent.go connect: include optional partition prefixes in SPIFFE identifiers (#10507) 2021-06-25 16:47:47 -05:00
uri_agent_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
uri_agent_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
uri_service.go connect: include optional partition prefixes in SPIFFE identifiers (#10507) 2021-06-25 16:47:47 -05:00
uri_service_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
uri_service_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
uri_signing.go ca: accept only the cluster ID to SpiffeIDSigningForCluster 2021-11-16 16:57:21 -05:00
uri_signing_test.go ca: accept only the cluster ID to SpiffeIDSigningForCluster 2021-11-16 16:57:21 -05:00
uri_test.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
x509_patch.go connect/ca: cease including the common name field in generated certs (#10424) 2021-06-25 13:00:00 -05:00
x509_patch_test.go connect/ca: cease including the common name field in generated certs (#10424) 2021-06-25 13:00:00 -05:00