12c00b97ef
This can be seen via System(). In the PKI backend, if the CA is reconfigured but not fully (e.g. an intermediate CSR is generated but no corresponding cert set) and there are already leases (issued certs), the CRL is unable to be built. As a result revocation fails. But in this case we don't actually need revocation to be successful since the CRL is useless after unmounting. By checking taint status we know if we can simply fast-path out of revocation with a success in this case. Fixes #946 |
||
---|---|---|
.. | ||
backend.go | ||
backend_test.go | ||
ca_util.go | ||
cert_util.go | ||
crl_util.go | ||
fields.go | ||
path_config_ca.go | ||
path_config_crl.go | ||
path_config_urls.go | ||
path_fetch.go | ||
path_intermediate.go | ||
path_issue_sign.go | ||
path_revoke.go | ||
path_roles.go | ||
path_root.go | ||
secret_certs.go |