Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* Fix pkcs7 parsing in some cases brings in mozilla-services/pkcs7#61 from upstream In some cases but not all, aws includes a certificate in the pkcs7 response, and currently vault fails to parse those certificates: ``` URL: PUT https://vault.example.com/v1/auth/aws/login Code: 500. Errors * failed to parse the BER encoded PKCS#7 signature: ber2der: Invalid BER format ``` This fixes logins on those instances. Note we could not readily ascertain why some instances have those certificates and others don't. * Add changelog entry * Correct missed line Co-authored-by: Jacob Burroughs <jburroughs@instructure.com>
- Loading branch information
1 parent
ee660f3
commit 80244bc
Showing
3 changed files
with
125 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
```release-note:bug | ||
auth/aws: Fix ec2 auth on instances that have a cert in their PKCS7 signature | ||
``` |