Jeff Mitchell
e2c15eb693
Merge pull request #1129 from hashicorp/pki-tidy
...
Add "pki/tidy" which allows removing expired certificates.
2016-02-25 10:39:54 -05:00
Jeff Mitchell
c9a038b142
changelog++
2016-02-25 08:55:23 -05:00
Jeff Mitchell
6b6005ee2e
Remove root token requirement from GitHub configuration
2016-02-25 08:51:53 -05:00
Jeff Mitchell
8ca847c9b3
Be more explicit about buffer type
2016-02-24 22:05:39 -05:00
Jeff Mitchell
efc48f2473
Fix CLI formatter to show warnings again on CLI list output.
2016-02-24 21:45:58 -05:00
Jeff Mitchell
5a35ee2ddd
Merge pull request #1080 from jkanywhere/improve-formatter
...
Refactor formatting of output
2016-02-24 21:36:57 -05:00
Jeff Mitchell
151eaf9ec0
Add documentation for pki/tidy
2016-02-24 21:31:29 -05:00
Jeff Mitchell
7d41607b6e
Add "tidy/" which allows removing expired certificates.
...
A buffer is used to ensure that we only remove certificates that are
both expired and for which the buffer has past. Options allow removal
from revoked/ and/or certs/.
2016-02-24 21:24:48 -05:00
Jeff Mitchell
36672bbf1f
Add information about the cert renewal enhancements to the upgrade guide
2016-02-24 21:24:20 -05:00
Jeff Mitchell
842f6670d1
Add upgrade information
2016-02-24 21:13:44 -05:00
vishalnayak
f16598e338
changelog++
2016-02-24 21:11:21 -05:00
Vishal Nayak
5dcfe7a231
Merge pull request #1127 from hashicorp/iss1000-cert-renewal
...
Cert: renewal enhancements
2016-02-24 21:05:12 -05:00
vishalnayak
69bcbb28aa
rename verify_cert as disable_binding and invert the logic
2016-02-24 21:01:21 -05:00
vishalnayak
cf0156e5b4
documentation for the config endpoint
2016-02-24 17:13:24 -05:00
vishalnayak
902c780f2b
make the verification of certs in renewal configurable
2016-02-24 16:42:20 -05:00
vishalnayak
bc4710eb06
Cert: renewal enhancements
2016-02-24 14:31:38 -05:00
Jack Pearkes
d065425f44
website: fix hover state for annc banner
2016-02-24 11:18:10 -08:00
Jack Pearkes
c3fd1f8853
Merge pull request #1119 from hashicorp/jt-enterprise-bnr
...
Vault Enterprise Banner and Nav
2016-02-24 11:03:09 -08:00
captainill
a83db21a77
website: announcement banner for vault enterprise
2016-02-24 10:59:31 -08:00
vishalnayak
f40a65be20
changelog++
2016-02-24 11:04:19 -05:00
Vishal Nayak
d92b8cff8e
Merge pull request #1039 from hashicorp/vault-iss539-app-id
...
Added renewal capability to app-id backend
2016-02-24 10:59:58 -05:00
vishalnayak
053bbd97ea
check CIDR block for renewal as well
2016-02-24 10:55:31 -05:00
vishalnayak
978075a1b4
Added renewal capability to app-id backend
2016-02-24 10:40:15 -05:00
Vishal Nayak
0f017568e5
Merge pull request #1123 from hashicorp/ssh-add-tls-skip-verify
...
Use tls_skip_verify in vault-ssh-helper
2016-02-23 22:06:46 -05:00
vishalnayak
c42ade8982
Use tls_skip_verify in vault-ssh-helper
2016-02-23 17:32:49 -05:00
Jeff Mitchell
f745148249
changelog++
2016-02-23 13:24:57 -05:00
Jeff Mitchell
536c04a293
Merge pull request #1121 from mhurne/improve-error-on-sts-read-with-arn-policy
...
Improve error message when client attempts to generate STS creds for managed policy
2016-02-23 13:22:44 -05:00
Matt Hurne
f4d8852259
Add note that STS credentials can only be generated for user inline policies in AWS secret backend documentation
2016-02-23 09:06:52 -05:00
Matt Hurne
11187112bc
Improve error message returned when client attempts to generate STS credentials for a managed policy; addresses #1113
2016-02-23 08:58:28 -05:00
Vishal Nayak
eb95205f99
Merge pull request #1118 from hashicorp/ssh-api-fix
...
ssh-helper related API changes
2016-02-23 00:20:20 -05:00
vishalnayak
00d01043fd
ssh-helper api changes
2016-02-23 00:16:00 -05:00
Jeff Mitchell
434962c632
We treat put/post the same, so allow init to use POST
2016-02-22 20:22:31 -05:00
Jeff Mitchell
291352fd99
changelog++
2016-02-22 19:52:48 -05:00
Jeff Mitchell
84d87b171b
Merge pull request #1117 from hashicorp/add-time-to-responses
...
Add the server's time in UTC to the health response.
2016-02-22 19:52:03 -05:00
Jeff Mitchell
76923aa28a
Add the server's time in UTC to the health response.
2016-02-22 19:51:18 -05:00
Jeff Mitchell
f56e4a604d
Merge pull request #1114 from hashicorp/dont-delete-certs
...
Do not delete certs (or revocation information)
2016-02-22 16:11:13 -05:00
Jeff Mitchell
4514192145
Address review feedback
2016-02-22 16:11:01 -05:00
Jeff Mitchell
9a1ddf6d5f
changelog++
2016-02-22 13:40:27 -05:00
Jeff Mitchell
f43ab6a25d
Remove extra debugging from PKI tests
2016-02-22 13:39:05 -05:00
Jeff Mitchell
f27eab1d28
Do not delete certs (or revocation information) to avoid potential
...
issues related to time synchronization. A function will be added to
allow operators to perform cleanup at chosen times.
2016-02-22 13:36:17 -05:00
Jeff Mitchell
51ced69bf8
Fix issue where leftover values after cn tests could trigger errors in ipsan tests
2016-02-22 13:35:57 -05:00
vishalnayak
e2e15376dd
changelog++
2016-02-22 11:41:13 -05:00
Vishal Nayak
949f8a6b69
Merge pull request #1112 from hashicorp/1089-postgres-connection-url
...
postgres: connection_url fix
2016-02-22 11:36:04 -05:00
Jeff Mitchell
4c327ca4cc
More improvements to PKI tests; allow setting a specific seed, output
...
the seed to the console, and split generated steps to make it
understandable which seed is for which set of steps.
2016-02-22 11:22:52 -05:00
vishalnayak
c9899a5300
postgres: connection_url fix
2016-02-22 11:22:49 -05:00
Vishal Nayak
879db1766a
Merge pull request #1108 from vanhalt/fixing_write_help
...
When writing from a file it must be a JSON file
2016-02-22 11:01:21 -05:00
Jeff Mitchell
8d4c6f4c98
Use more fuzziness in PKI backend tests
2016-02-22 10:59:37 -05:00
vanhalt
a387725e96
help sentence improved
2016-02-22 09:38:30 -06:00
Jeff Mitchell
392a26e9cd
Better handle errors from fetchCertBySerial
2016-02-22 10:36:26 -05:00
vanhalt
31862dc5c2
When writing from a file it must be a JSON file
...
Making clear from write help text that when writing secrets
using @file, the file must be a JSON file.
2016-02-21 19:02:09 -06:00