Commit graph

27 commits

Author SHA1 Message Date
Erik Kristensen 2233f993ae initial pass at JWT secret backend 2015-08-06 17:49:44 -06:00
Armon Dadgar 3c58773598 Merge pull request #380 from kgutwin/cert-cli
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Jeff Mitchell fccbc587c6 A Cassandra secrets backend.
Supports creation and deletion of users in Cassandra using flexible CQL queries.

TLS, including client authentication, is supported.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Karl Gutwin dafcc5b2ce enable CLI cert login 2015-06-29 23:29:41 -04:00
Jeff Mitchell e086879fa3 Merge remote-tracking branch 'upstream/master' into f-pki 2015-06-19 13:01:26 -04:00
Armon Dadgar c54868120a command/path-help: rename command, better error if sealed. Fixes #234 2015-06-18 15:56:42 -07:00
Armon Dadgar 6bc2b06de4 server: graceful shutdown for fast failover. Fixes #308 2015-06-17 18:24:56 -07:00
Jeff Mitchell 0d832de65d Initial PKI backend implementation.
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint

Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-08 00:06:09 -04:00
Armon Dadgar 9a162191cd command/rekey: first pass at rekey 2015-05-28 15:08:09 -07:00
Armon Dadgar 42b91fe411 command/rotate: Adding new rotate command 2015-05-28 10:16:33 -07:00
Armon Dadgar 388022bac1 command/key-status: Adding new key-status command 2015-05-27 18:17:02 -07:00
Mitchell Hashimoto 91a852e259 cli: should be != 2015-05-11 11:45:48 -07:00
Mitchell Hashimoto fbc051a941 cli: typo 2015-05-11 11:45:02 -07:00
Mitchell Hashimoto a641510ed8 cli: fix dev on version flga 2015-05-11 11:44:44 -07:00
Giovanni Bajo 7492c5712a Initial implementation of the LDAP credential backend 2015-05-09 22:04:19 +02:00
Armon Dadgar bb1dd509d7 audit/syslog: first pass 2015-04-27 15:56:40 -07:00
Armon Dadgar 57d54c2e94 commands: enable the mysql secret backend 2015-04-25 12:06:08 -07:00
Armon Dadgar f30c9c1509 Enable the credential backend 2015-04-23 21:46:30 -07:00
Armon Dadgar f76e5b2fc5 command: Rename seal-status to status 2015-04-20 12:11:21 -07:00
Mitchell Hashimoto 9ab464e518 cli: add token-renew 2015-04-19 18:04:24 -07:00
Mitchell Hashimoto 0ebf2508e0 command/policy-delete 2015-04-19 16:36:11 -07:00
Mitchell Hashimoto 0b7e7190b5 credentials/userpass: integrate into auth cli 2015-04-19 15:17:24 -07:00
Mitchell Hashimoto 4109218635 cli: add postgresql 2015-04-18 18:44:23 -07:00
Armon Dadgar 07bffafbbd Adding transit logical backend 2015-04-15 17:08:12 -07:00
Mitchell Hashimoto 0cc0fb066b command/renew 2015-04-13 20:42:07 -07:00
Mitchell Hashimoto fdf964d17e cli: make commands more customizable 2015-04-12 17:19:26 -07:00
Mitchell Hashimoto 57be8bcc09 move the cli to the cli/ package so enterprising individuals can call it 2015-04-12 16:58:45 -07:00
Renamed from commands.go (Browse further)