Kyle Havlovitz
|
c6e1b72ccb
|
Simplify the CA provider interface by moving some logic out
|
2018-06-14 09:42:04 -07:00 |
Kyle Havlovitz
|
a325388939
|
Clarify some comments and names around CA bootstrapping
|
2018-06-14 09:42:04 -07:00 |
Kyle Havlovitz
|
33418afd3c
|
Add cross-signing mechanism to root rotation
|
2018-06-14 09:42:00 -07:00 |
Kyle Havlovitz
|
d83fbfc766
|
Add the root rotation mechanism to the CA config endpoint
|
2018-06-14 09:41:59 -07:00 |
Kyle Havlovitz
|
f9d92d795e
|
Have the built in CA store its state in raft
|
2018-06-14 09:41:59 -07:00 |
Kyle Havlovitz
|
9fc33d2a62
|
Add the CA provider interface and built-in provider
|
2018-06-14 09:41:58 -07:00 |
Paul Banks
|
10db79c8ae
|
Rework connect/proxy and command/connect/proxy. End to end demo working again
|
2018-06-14 09:41:57 -07:00 |
Paul Banks
|
26e65f6bfd
|
connect.Service based implementation after review feedback.
|
2018-06-14 09:41:56 -07:00 |
Mitchell Hashimoto
|
3ef0b93159
|
agent/connect: Authorize for CertURI
|
2018-06-14 09:41:54 -07:00 |
Mitchell Hashimoto
|
ffe4cdfc15
|
agent/connect: support any values in the URL
|
2018-06-14 09:41:54 -07:00 |
Mitchell Hashimoto
|
75bf0e1638
|
agent/connect: support SpiffeIDSigning
|
2018-06-14 09:41:53 -07:00 |
Mitchell Hashimoto
|
17ca8ad083
|
agent/connect: rename SpiffeID to CertURI
|
2018-06-14 09:41:53 -07:00 |
Mitchell Hashimoto
|
0cbcb07d61
|
agent/connect: use proper keyusage fields for CA and leaf
|
2018-06-14 09:41:53 -07:00 |
Mitchell Hashimoto
|
73442ada5a
|
agent/connect: address PR feedback for the CA.go file
|
2018-06-14 09:41:53 -07:00 |
Mitchell Hashimoto
|
a54d1af421
|
agent/consul: encode issued cert serial number as hex encoded
|
2018-06-14 09:41:53 -07:00 |
Mitchell Hashimoto
|
c2588262b7
|
agent: /v1/connect/ca/leaf/:service_id
|
2018-06-14 09:41:52 -07:00 |
Mitchell Hashimoto
|
891cd22ad9
|
agent/consul: key the public key of the CSR, verify in test
|
2018-06-14 09:41:51 -07:00 |
Mitchell Hashimoto
|
d768d5e9a7
|
agent/consul: test for ConnectCA.Sign
|
2018-06-14 09:41:51 -07:00 |
Mitchell Hashimoto
|
f4ec28bfe3
|
agent/consul: basic sign endpoint not tested yet
|
2018-06-14 09:41:51 -07:00 |
Mitchell Hashimoto
|
548ce190d5
|
agent/connect: package for agent-related Connect, parse SPIFFE IDs
|
2018-06-14 09:41:50 -07:00 |