open-vault

Commit Graph

Author	SHA1	Message	Date
Hamid Ghaf	27bb03bbc0	adding copyright header (#19555 ) * adding copyright header * fix fmt and a test	2023-03-15 09:00:52 -07:00
Alexander Scheel	c81bec4d06	Clean up dev cert construction (#17657 ) Vault's new TLS devvault mode has two nits with certificate construction: 1. The CA doesn't need to include any SANs, as these aren't checked. Technically this means the CA could be reused as a leaf certificate for the one specified IP SAN, which is less desirable. 2. Add hostname to SANs in addition to CNs. This is a best practice, as (when the CN is a hostname), it is preferable to have everything in SANs as well. Neither of these are major changes. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>	2022-10-26 15:29:37 -04:00
Jason O'Donnell	140406143e	command/server: add dev-tls flag (#16421 ) * command/server: add dev-tls flag * Add website documentation * changelog * Lower file permissions * Update cert gen per review * Add dev-tls-cert-dir flag and cert clean up * fmt * Update cert generation per review * Remove unused function * Add better error messages * Log errors in cleanup, fix directory not existing bug * Remove hidden flag from -dev-tls-cert-dir * Add usage * Update 16421.txt * Update variable names for files * Remove directory on cleanup	2022-07-22 14:04:03 -04:00

Author

SHA1

Message

Date

Hamid Ghaf

27bb03bbc0

adding copyright header (#19555 )

* adding copyright header

* fix fmt and a test

2023-03-15 09:00:52 -07:00

Alexander Scheel

c81bec4d06

Clean up dev cert construction (#17657 )

Vault's new TLS devvault mode has two nits with certificate
construction:

 1. The CA doesn't need to include any SANs, as these aren't checked.
    Technically this means the CA could be reused as a leaf certificate
    for the one specified IP SAN, which is less desirable.
 2. Add hostname to SANs in addition to CNs. This is a best practice, as
    (when the CN is a hostname), it is preferable to have everything in
    SANs as well.

Neither of these are major changes.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

2022-10-26 15:29:37 -04:00

Jason O'Donnell

140406143e

command/server: add dev-tls flag (#16421 )

* command/server: add dev-tls flag

* Add website documentation

* changelog

* Lower file permissions

* Update cert gen per review

* Add dev-tls-cert-dir flag and cert clean up

* fmt

* Update cert generation per review

* Remove unused function

* Add better error messages

* Log errors in cleanup, fix directory not existing bug

* Remove hidden flag from -dev-tls-cert-dir

* Add usage

* Update 16421.txt

* Update variable names for files

* Remove directory on cleanup

2022-07-22 14:04:03 -04:00

3 Commits