open-vault/website/content/docs/secrets
Alexander Scheel ad3a093b40
Prevent PSS with Go-incompatible CAs, CSRs, Private Keys (#17223)
* Fix interoperability concerns with PSS

When Go parses a certificate with rsaPSS OID, it will accept this
certificate but not parse the SubjectPublicKeyInfo, leaving the
PublicKeyAlgorithm and PublicKey fields blank, but otherwise not erring.
The same behavior occurs with rsaPSS OID CSRs.

On the other hand, when Go parses rsaPSS OID PKCS8 private keys, these
keys will fail to parse completely.

Thus, detect and fail on any empty PublicKey certs and CSRs, warning the
user that we cannot parse these correctly and thus refuse to operate.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Run more PKI tests in parallel

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add notes about PSS shortcomings to considerations

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-09-20 17:30:58 -04:00
databases + added Redis ElastiCache documentation (#17133) 2022-09-19 10:26:49 -04:00
identity identity/oidc: adds client_secret_post token endpoint authentication method (#16598) 2022-08-08 08:41:09 -07:00
key-management updated references from learn to tutorial (#14866) 2022-04-04 10:04:50 -07:00
kv Kv cas parameter documentation (#15885) 2022-06-08 16:51:08 -07:00
pki Prevent PSS with Go-incompatible CAs, CSRs, Private Keys (#17223) 2022-09-20 17:30:58 -04:00
ssh Docs: SSH CA Config & Comments. Resolves: #7529 (#16826) 2022-08-24 08:27:36 -04:00
transform Update transform documentation to include MSSQL. (#17021) 2022-09-06 10:55:48 -05:00
transit Fix a broken URL (#17192) 2022-09-19 08:57:07 -07:00
ad.mdx VAULT-6091 Document Duration Format String (#15920) 2022-06-13 08:51:07 -04:00
alicloud.mdx Fix broken links referencing to API docs (#14565) 2022-03-17 18:14:48 -07:00
aws.mdx Fix broken links referencing to API docs (#14565) 2022-03-17 18:14:48 -07:00
azure.mdx Update Vault Azure Secrets docs for permanent deletion feature (#17045) 2022-09-13 16:25:19 -07:00
consul.mdx updated usage example (#9081) 2022-08-24 09:03:30 -04:00
cubbyhole.mdx Typo fixes; numbering fixes. (#15010) 2022-04-13 15:01:04 -04:00
gcp.mdx Fix broken links referencing to API docs (#14565) 2022-03-17 18:14:48 -07:00
gcpkms.mdx Fix broken links referencing to API docs (#14565) 2022-03-17 18:14:48 -07:00
index.mdx Mount paths case-sensitivity (#16743) 2022-08-17 09:57:47 -07:00
kmip.mdx added content for network guidance (#16242) 2022-07-07 11:18:45 -07:00
kubernetes.mdx [Kubernetes Secret Engine]: Role namespace configuration possible via LabelSelector (#16240) 2022-07-19 13:11:45 -05:00
mongodbatlas.mdx Fix broken links referencing to API docs (#14565) 2022-03-17 18:14:48 -07:00
nomad.mdx Change all occurrence of 'backend' to 'secrets engine' (#16859) 2022-08-23 19:58:54 -07:00
openldap.mdx OpenLDAP secrets documentation, reflect some other objects may have userPassword (#8918) 2022-08-31 09:58:25 -07:00
rabbitmq.mdx Fix broken links referencing to API docs (#14565) 2022-03-17 18:14:48 -07:00
terraform.mdx Vault documentation: updated all references from Learn to Tutorial (#15514) 2022-05-19 18:04:46 -07:00
totp.mdx Fix broken links referencing to API docs (#14565) 2022-03-17 18:14:48 -07:00
venafi.mdx docs/multiplexing: overhaul plugin documentation (#14509) 2022-03-22 15:07:32 -05:00