33a9218115
* Include full chain in /cert/ca_chain response This allows callers to get the full chain (including issuing certificates) from a call to /cert/ca_chain. Previously, most endpoints (including during issuance) do not include the root authority, requiring an explicit call to /cert/ca to fetch. This allows full chains to be constructed without without needing multiple calls to the API. Resolves: #13489 Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add test case for full CA issuance We test three main scenarios: 1. A root-only CA's `/cert/ca_chain`'s `.data.ca_chain` field should contain only the root, 2. An intermediate CA (with root provide) should contain both the root and the intermediate. 3. An external (e.g., `/config/ca`-provided) CA with both root and intermediate should contain both certs. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add documentation for new ca_chain field Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog entry Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add note about where to find the entire chain Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> |
||
|---|---|---|
| .. | ||
| database | ||
| framework | ||
| helper | ||
| logical | ||
| physical | ||
| plugin | ||
| queue | ||
| version | ||
| README.md | ||
| go.mod | ||
| go.sum | ||
README.md
Vault SDK libs
This package provides the sdk package which contains code useful for
developing Vault plugins.
Although we try not to break functionality, we reserve the right to reorganize
the code at will and may occasionally cause breaks if they are warranted. As
such we expect the tag of this module will stay less than v1.0.0.
For any major changes we will try to give advance notice in the CHANGES section of Vault's CHANGELOG.md.