backends for the moment. This is pretty simple; it just adds the actual
capability to make a list call into both the CLI and the HTTP handler.
The real meat was already in those backends.
Functionality is split into ExternalTokenHelper, which is used if a path
is given in a configuration file, and InternalTokenHelper which is used
otherwise. The internal helper no longer shells out to the same Vault
binary, instead performing the same actions with internal code. This
avoids problems using dev mode when there are spaces in paths or when
the binary is built in a container without a shell.
Fixes#850 among others
Supports creation and deletion of users in Cassandra using flexible CQL queries.
TLS, including client authentication, is supported.
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint
Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>