Commit graph

3315 commits

Author SHA1 Message Date
Jeff Mitchell b61f43d34c Update documentation around VAULT_TLS_SERVER_NAME 2016-02-25 12:29:05 -05:00
Jeff Mitchell 447fba425c Merge pull request #1131 from rmt/master
Add VAULT_TLS_SERVER_NAME environment variable
2016-02-25 12:27:14 -05:00
Jeff Mitchell 99d7edfeea Bump TF variables 2016-02-25 11:29:03 -05:00
Robert M. Thomson 024407518b Add VAULT_TLS_SERVER_NAME environment variable
If specified, verify a specific server name during TLS negotiation
rather than the server name in the URL.
2016-02-25 17:28:49 +01:00
Jeff Mitchell 7e36ff547d TF_DEV->VAULT_DEV_BUILD 2016-02-25 11:05:51 -05:00
Jeff Mitchell 0355fc0691 changelog++ 2016-02-25 10:59:57 -05:00
Jeff Mitchell db4450d3f3 Bump website version number 2016-02-25 10:44:18 -05:00
Jeff Mitchell ba86ffa691 Bump version numbers 2016-02-25 10:42:13 -05:00
Jeff Mitchell 5b1465a3ca changelog++ 2016-02-25 10:41:19 -05:00
Jeff Mitchell e2c15eb693 Merge pull request #1129 from hashicorp/pki-tidy
Add "pki/tidy" which allows removing expired certificates.
2016-02-25 10:39:54 -05:00
Jeff Mitchell c9a038b142 changelog++ 2016-02-25 08:55:23 -05:00
Jeff Mitchell 6b6005ee2e Remove root token requirement from GitHub configuration 2016-02-25 08:51:53 -05:00
Jeff Mitchell 8ca847c9b3 Be more explicit about buffer type 2016-02-24 22:05:39 -05:00
Jeff Mitchell efc48f2473 Fix CLI formatter to show warnings again on CLI list output. 2016-02-24 21:45:58 -05:00
Jeff Mitchell 5a35ee2ddd Merge pull request #1080 from jkanywhere/improve-formatter
Refactor formatting of output
2016-02-24 21:36:57 -05:00
Jeff Mitchell 151eaf9ec0 Add documentation for pki/tidy 2016-02-24 21:31:29 -05:00
Jeff Mitchell 7d41607b6e Add "tidy/" which allows removing expired certificates.
A buffer is used to ensure that we only remove certificates that are
both expired and for which the buffer has past. Options allow removal
from revoked/ and/or certs/.
2016-02-24 21:24:48 -05:00
Jeff Mitchell 36672bbf1f Add information about the cert renewal enhancements to the upgrade guide 2016-02-24 21:24:20 -05:00
Jeff Mitchell 842f6670d1 Add upgrade information 2016-02-24 21:13:44 -05:00
vishalnayak f16598e338 changelog++ 2016-02-24 21:11:21 -05:00
Vishal Nayak 5dcfe7a231 Merge pull request #1127 from hashicorp/iss1000-cert-renewal
Cert: renewal enhancements
2016-02-24 21:05:12 -05:00
vishalnayak 69bcbb28aa rename verify_cert as disable_binding and invert the logic 2016-02-24 21:01:21 -05:00
vishalnayak cf0156e5b4 documentation for the config endpoint 2016-02-24 17:13:24 -05:00
vishalnayak 902c780f2b make the verification of certs in renewal configurable 2016-02-24 16:42:20 -05:00
vishalnayak bc4710eb06 Cert: renewal enhancements 2016-02-24 14:31:38 -05:00
Jack Pearkes d065425f44 website: fix hover state for annc banner 2016-02-24 11:18:10 -08:00
Jack Pearkes c3fd1f8853 Merge pull request #1119 from hashicorp/jt-enterprise-bnr
Vault Enterprise Banner and Nav
2016-02-24 11:03:09 -08:00
captainill a83db21a77 website: announcement banner for vault enterprise 2016-02-24 10:59:31 -08:00
vishalnayak f40a65be20 changelog++ 2016-02-24 11:04:19 -05:00
Vishal Nayak d92b8cff8e Merge pull request #1039 from hashicorp/vault-iss539-app-id
Added renewal capability to app-id backend
2016-02-24 10:59:58 -05:00
vishalnayak 053bbd97ea check CIDR block for renewal as well 2016-02-24 10:55:31 -05:00
vishalnayak 978075a1b4 Added renewal capability to app-id backend 2016-02-24 10:40:15 -05:00
Vishal Nayak 0f017568e5 Merge pull request #1123 from hashicorp/ssh-add-tls-skip-verify
Use tls_skip_verify in vault-ssh-helper
2016-02-23 22:06:46 -05:00
vishalnayak c42ade8982 Use tls_skip_verify in vault-ssh-helper 2016-02-23 17:32:49 -05:00
Jeff Mitchell f745148249 changelog++ 2016-02-23 13:24:57 -05:00
Jeff Mitchell 536c04a293 Merge pull request #1121 from mhurne/improve-error-on-sts-read-with-arn-policy
Improve error message when client attempts to generate STS creds for managed policy
2016-02-23 13:22:44 -05:00
Matt Hurne f4d8852259 Add note that STS credentials can only be generated for user inline policies in AWS secret backend documentation 2016-02-23 09:06:52 -05:00
Matt Hurne 11187112bc Improve error message returned when client attempts to generate STS credentials for a managed policy; addresses #1113 2016-02-23 08:58:28 -05:00
Vishal Nayak eb95205f99 Merge pull request #1118 from hashicorp/ssh-api-fix
ssh-helper related API changes
2016-02-23 00:20:20 -05:00
vishalnayak 00d01043fd ssh-helper api changes 2016-02-23 00:16:00 -05:00
Jeff Mitchell 434962c632 We treat put/post the same, so allow init to use POST 2016-02-22 20:22:31 -05:00
Jeff Mitchell 291352fd99 changelog++ 2016-02-22 19:52:48 -05:00
Jeff Mitchell 84d87b171b Merge pull request #1117 from hashicorp/add-time-to-responses
Add the server's time in UTC to the health response.
2016-02-22 19:52:03 -05:00
Jeff Mitchell 76923aa28a Add the server's time in UTC to the health response. 2016-02-22 19:51:18 -05:00
Jeff Mitchell f56e4a604d Merge pull request #1114 from hashicorp/dont-delete-certs
Do not delete certs (or revocation information)
2016-02-22 16:11:13 -05:00
Jeff Mitchell 4514192145 Address review feedback 2016-02-22 16:11:01 -05:00
Jeff Mitchell 9a1ddf6d5f changelog++ 2016-02-22 13:40:27 -05:00
Jeff Mitchell f43ab6a25d Remove extra debugging from PKI tests 2016-02-22 13:39:05 -05:00
Jeff Mitchell f27eab1d28 Do not delete certs (or revocation information) to avoid potential
issues related to time synchronization. A function will be added to
allow operators to perform cleanup at chosen times.
2016-02-22 13:36:17 -05:00
Jeff Mitchell 51ced69bf8 Fix issue where leftover values after cn tests could trigger errors in ipsan tests 2016-02-22 13:35:57 -05:00