-
Notifications
You must be signed in to change notification settings - Fork 4.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ca: add support for an external trusted CA #11910
Merged
dnephin
merged 9 commits into
main
from
dnephin/ca-provider-interface-for-ica-in-primary
Feb 22, 2022
Merged
ca: add support for an external trusted CA #11910
dnephin
merged 9 commits into
main
from
dnephin/ca-provider-interface-for-ica-in-primary
Feb 22, 2022
Commits on Feb 17, 2022
-
ca: only return the leaf cert from Sign in vault provider
The interface is documented as 'Sign will only return the leaf', and the other providers only return the leaf. It seems like this was added during the initial implementation, so is likely just something we missed. It doesn't break anything , but it does cause confusing cert chains in the API response which could break something in the future.
Configuration menu - View commit details
-
Copy full SHA for c1c1580 - Browse repository at this point
Copy the full SHA c1c1580View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8699481 - Browse repository at this point
Copy the full SHA 8699481View commit details -
Configuration menu - View commit details
-
Copy full SHA for 71f3ae0 - Browse repository at this point
Copy the full SHA 71f3ae0View commit details -
ca: examine the full chain in newCARoot
make TestNewCARoot much more strict compare the full result instead of only a few fields. add a test case with 2 and 3 certificates in the pem
Configuration menu - View commit details
-
Copy full SHA for 42ec34d - Browse repository at this point
Copy the full SHA 42ec34dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5e8ea2a - Browse repository at this point
Copy the full SHA 5e8ea2aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1853a32 - Browse repository at this point
Copy the full SHA 1853a32View commit details -
Configuration menu - View commit details
-
Copy full SHA for 12f12d5 - Browse repository at this point
Copy the full SHA 12f12d5View commit details -
Update TODOs to reference an issue with more details
And remove a no longer needed TODO
Configuration menu - View commit details
-
Copy full SHA for 6b679aa - Browse repository at this point
Copy the full SHA 6b679aaView commit details -
ca: test that original certs from secondary still verify
There's a chance this could flake if the secondary hasn't received the update yet, but running this test many times doesn't show any flakes yet.
Configuration menu - View commit details
-
Copy full SHA for 6021105 - Browse repository at this point
Copy the full SHA 6021105View commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.