Kyle Havlovitz
|
32d1eae28b
|
Move ConsulCAProviderConfig into structs package
|
2018-06-14 09:42:04 -07:00 |
Kyle Havlovitz
|
c6e1b72ccb
|
Simplify the CA provider interface by moving some logic out
|
2018-06-14 09:42:04 -07:00 |
Kyle Havlovitz
|
a325388939
|
Clarify some comments and names around CA bootstrapping
|
2018-06-14 09:42:04 -07:00 |
Kyle Havlovitz
|
33418afd3c
|
Add cross-signing mechanism to root rotation
|
2018-06-14 09:42:00 -07:00 |
Kyle Havlovitz
|
d83fbfc766
|
Add the root rotation mechanism to the CA config endpoint
|
2018-06-14 09:41:59 -07:00 |
Kyle Havlovitz
|
f9d92d795e
|
Have the built in CA store its state in raft
|
2018-06-14 09:41:59 -07:00 |
Kyle Havlovitz
|
ab737ef0f8
|
Hook the CA RPC endpoint into the provider interface
|
2018-06-14 09:41:59 -07:00 |
Mitchell Hashimoto
|
a54d1af421
|
agent/consul: encode issued cert serial number as hex encoded
|
2018-06-14 09:41:53 -07:00 |
Mitchell Hashimoto
|
4210003c86
|
agent/structs: hide some fields from JSON
|
2018-06-14 09:41:52 -07:00 |
Mitchell Hashimoto
|
63d674d07d
|
agent: /v1/connect/ca/configuration PUT for setting configuration
|
2018-06-14 09:41:52 -07:00 |
Mitchell Hashimoto
|
c2588262b7
|
agent: /v1/connect/ca/leaf/:service_id
|
2018-06-14 09:41:52 -07:00 |
Mitchell Hashimoto
|
e40afd6a73
|
agent/consul: CAS operations for setting the CA root
|
2018-06-14 09:41:51 -07:00 |
Mitchell Hashimoto
|
891cd22ad9
|
agent/consul: key the public key of the CSR, verify in test
|
2018-06-14 09:41:51 -07:00 |
Mitchell Hashimoto
|
d768d5e9a7
|
agent/consul: test for ConnectCA.Sign
|
2018-06-14 09:41:51 -07:00 |
Mitchell Hashimoto
|
f4ec28bfe3
|
agent/consul: basic sign endpoint not tested yet
|
2018-06-14 09:41:51 -07:00 |
Mitchell Hashimoto
|
6d294b6bb4
|
agent/structs: json omit QueryMeta
|
2018-06-14 09:41:50 -07:00 |
Mitchell Hashimoto
|
130098b7b5
|
agent/consul/state: CARoot structs and initial state store
|
2018-06-14 09:41:49 -07:00 |