luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/command
History
Hans Hasselberg 315ba7d6ad
connect: check if intermediate cert needs to be renewed. (#6835) 
Currently when using the built-in CA provider for Connect, root certificates are valid for 10 years, however secondary DCs get intermediates that are valid for only 1 year. There is no mechanism currently short of rotating the root in the primary that will cause the secondary DCs to renew their intermediates.
This PR adds a check that renews the cert if it is half way through its validity period.

In order to be able to test these changes, a new configuration option was added: IntermediateCertTTL which is set extremely low in the tests.
 		2020-01-17 23:27:13 +01:00
..
acl Add Namespace support to the API module and the CLI commands (#6874) 2019-12-06 11:14:56 -05:00
agent log rotation: limit count of rotated log files (#5831) 2019-07-19 15:36:34 -06:00
catalog Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
config Expose HTTP-based paths through Connect proxy (#6446) 2019-09-25 20:55:52 -06:00
connect connect: check if intermediate cert needs to be renewed. (#6835) 2020-01-17 23:27:13 +01:00
debug fix: incorrect struct tag and WaitGroup usage (#6649) 2019-10-18 13:59:29 -04:00
event Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
exec Flaky test overhaul (#6100) 2019-07-12 09:52:26 -06:00
flags Revert "Remove docs refs to NS inference from ACL token" (#6976) 2019-12-20 11:52:50 -05:00
forceleave give feedback to CLI user on forceleave command if node does not exist (#6841) 2019-12-02 11:06:15 -08:00
helpers Centralized Config CLI (#5731) 2019-04-30 16:27:16 -07:00
info Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
intention Move internal/ to sdk/ (#5568) 2019-03-27 08:54:56 -04:00
join Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
keygen Update default gossip encryption key size to 32 bytes 2019-07-30 09:45:41 -06:00
keyring add flag to allow /operator/keyring requests to only hit local servers (#6279) 2019-08-12 11:11:11 -07:00
kv Add Namespace support to the API module and the CLI commands (#6874) 2019-12-06 11:14:56 -05:00
leave Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
lock Merge pull request #5376 from hashicorp/fix-tests 2019-04-04 17:09:32 -04:00
login Add Namespace support to the API module and the CLI commands (#6874) 2019-12-06 11:14:56 -05:00
logout Add Namespace support to the API module and the CLI commands (#6874) 2019-12-06 11:14:56 -05:00
maint Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
members Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
monitor test: ensure all TestAgent constructions use a constructor (#6443) 2019-09-05 10:24:36 -07:00
operator Set MinQuorum variable in Autopilot (#6654) 2019-10-29 09:04:41 -05:00
reload Pass a testing.T into NewTestAgent and TestAgent.Start (#5342) 2019-02-14 10:59:14 -05:00
rtt Move internal/ to sdk/ (#5568) 2019-03-27 08:54:56 -04:00
services Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
snapshot Move internal/ to sdk/ (#5568) 2019-03-27 08:54:56 -04:00
tls tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
validate Move internal/ to sdk/ (#5568) 2019-03-27 08:54:56 -04:00
version commands: run all tests in parallel (again) 2017-10-18 00:08:45 +02:00
watch cli: actually allow the 'connect envoy' and 'watch' subcommands to work with -token-file (#5733) 2019-04-30 09:59:00 -05:00
commands_oss.go Fix envoy 1.10 exec (#5964) 2019-06-21 16:06:25 +01:00
registry.go Abandon daemonize for simpler solution (preserving history): 2018-06-25 12:24:10 -07:00