open-vault/builtin/logical/pki
Alexander Scheel 364a639cca
Integrate acme config enable/disable into tests (#20407)
* Add default ACME configuration, invalidate on write

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add enforcment of ACME enabled

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Validate requested role against ACME config

Co-authored-by: kitography <khaines@mit.edu>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add validation of issuer restrictions with ACME

Co-authored-by: kitography <khaines@mit.edu>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add validation around allowed config lenghts

Co-authored-by: kitography <khaines@mit.edu>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Prune later deemed unnecessary config options

Co-authored-by: kitography <khaines@mit.edu>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* make fmt

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: kitography <khaines@mit.edu>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-04-27 20:31:13 +00:00
..
cmd/pki adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
dnstest Add custom DNS resolver to ACME configuration (#20400) 2023-04-27 15:30:29 -04:00
acme_authorizations.go Better ACME wildcard validation (#20289) 2023-04-21 12:54:19 -04:00
acme_challenge_engine.go Add PKI ACME IP SANS test case (#20398) 2023-04-27 16:05:23 -04:00
acme_challenges.go Add custom DNS resolver to ACME configuration (#20400) 2023-04-27 15:30:29 -04:00
acme_challenges_test.go Add custom DNS resolver to ACME configuration (#20400) 2023-04-27 15:30:29 -04:00
acme_errors.go Add the ability to disable ACME through an OS environment variable (#20369) 2023-04-26 17:21:00 +00:00
acme_jws.go Add acme challenge validation engine (#20221) 2023-04-19 12:31:19 -04:00
acme_state.go Add custom DNS resolver to ACME configuration (#20400) 2023-04-27 15:30:29 -04:00
acme_state_test.go Move all ACME wrappers into a dedicated go file (#20174) 2023-04-14 14:12:31 -04:00
acme_wrappers.go Integrate acme config enable/disable into tests (#20407) 2023-04-27 20:31:13 +00:00
acme_wrappers_test.go Integrate acme config enable/disable into tests (#20407) 2023-04-27 20:31:13 +00:00
backend.go Add custom DNS resolver to ACME configuration (#20400) 2023-04-27 15:30:29 -04:00
backend_test.go Vault 13349 acme create new global configuration endpoints (#20228) 2023-04-26 17:16:09 +00:00
ca_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
ca_util.go Add support to load roles and issuers within ACME wrapper (#20333) 2023-04-25 13:29:07 +00:00
cert_util.go Better ACME wildcard validation (#20289) 2023-04-21 12:54:19 -04:00
cert_util_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
chain_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
chain_util.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
config_util.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
crl_test.go Implement ACME CSR signing and certificate retrieval (#20266) 2023-04-21 09:38:06 -04:00
crl_util.go Add warnings to crl rebuilds, allowing notifying operator of empty issuer equivalency sets (#20253) 2023-04-19 16:55:37 +00:00
fields.go Add support to load roles and issuers within ACME wrapper (#20333) 2023-04-25 13:29:07 +00:00
integration_test.go Move OCSP/PKI interop test to PKI engine (#20273) 2023-04-20 14:57:20 +00:00
key_util.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
managed_key_util.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
path_acme_account.go Enforce ACME accounts to a specific directory path (#20363) 2023-04-26 12:47:31 -04:00
path_acme_authorizations.go Add tests for fetching ACME authorizations and challenges (#20205) 2023-04-17 17:52:54 +00:00
path_acme_challenges.go Add acme challenge validation engine (#20221) 2023-04-19 12:31:19 -04:00
path_acme_directory.go Add a helper function to build ACME API patterns (#20180) 2023-04-14 18:48:33 +00:00
path_acme_nonce.go Add a helper function to build ACME API patterns (#20180) 2023-04-14 18:48:33 +00:00
path_acme_order.go Add ACME revocation handlers (#20340) 2023-04-25 16:48:30 -04:00
path_acme_revoke.go Add ACME revocation handlers (#20340) 2023-04-25 16:48:30 -04:00
path_acme_test.go Integrate acme config enable/disable into tests (#20407) 2023-04-27 20:31:13 +00:00
path_config_acme.go Integrate acme config enable/disable into tests (#20407) 2023-04-27 20:31:13 +00:00
path_config_ca.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_config_cluster.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_config_crl.go Add warnings to crl rebuilds, allowing notifying operator of empty issuer equivalency sets (#20253) 2023-04-19 16:55:37 +00:00
path_config_urls.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_fetch.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_fetch_issuers.go Fix reading issuer's enable_aia_url_templating value (#20354) 2023-04-25 16:48:05 -04:00
path_fetch_keys.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_intermediate.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_issue_sign.go Add support to load roles and issuers within ACME wrapper (#20333) 2023-04-25 13:29:07 +00:00
path_manage_issuers.go Add warnings to crl rebuilds, allowing notifying operator of empty issuer equivalency sets (#20253) 2023-04-19 16:55:37 +00:00
path_manage_keys.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_manage_keys_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
path_ocsp.go Remove extraneous certificate from OCSP response (#20201) 2023-04-17 16:40:26 +00:00
path_ocsp_test.go Remove extraneous certificate from OCSP response (#20201) 2023-04-17 16:40:26 +00:00
path_resign_crls.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_resign_crls_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
path_revoke.go Add ACME revocation handlers (#20340) 2023-04-25 16:48:30 -04:00
path_roles.go Add support to load roles and issuers within ACME wrapper (#20333) 2023-04-25 13:29:07 +00:00
path_roles_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
path_root.go Add warnings to crl rebuilds, allowing notifying operator of empty issuer equivalency sets (#20253) 2023-04-19 16:55:37 +00:00
path_sign_issuers.go openapi: Add display attributes for PKI plugin (#19422) 2023-04-06 11:10:01 -04:00
path_tidy.go Add warnings to crl rebuilds, allowing notifying operator of empty issuer equivalency sets (#20253) 2023-04-19 16:55:37 +00:00
path_tidy_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
periodic.go Fix building unified delta WAL, unified delta CRLs (#20058) 2023-04-11 18:02:58 +00:00
secret_certs.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
storage.go Add acme challenge validation engine (#20221) 2023-04-19 12:31:19 -04:00
storage_migrations.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
storage_migrations_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
storage_test.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
storage_unified.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
test_helpers.go Initial ACME new-nonce API (#19822) 2023-03-29 18:22:48 +00:00
util.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00