status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-11 14:24:39 +00:00
Code Issues Projects Releases Wiki Activity
consul/agent/connect/uri_server.go
Freddy f4dfd42e0a
Add SpiffeID for Consul server agents (#14485) 
Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com>

By adding a SpiffeID for server agents, servers can now request a leaf
certificate from the Connect CA.

This new Spiffe ID has a key property: servers are identified by their
datacenter name and trust domain. All servers that share these
attributes will share a ServerURI.

The aim is to use these certificates to verify the server name of ANY
server in a Consul datacenter.
2022-09-06 17:58:13 -06:00

21 lines
359 B
Go
Raw Blame History

package connect
import (
"fmt"
"net/url"
)
type SpiffeIDServer struct {
Host string
Datacenter string
}
// URI returns the *url.URL for this SPIFFE ID.
func (id SpiffeIDServer) URI() *url.URL {
var result url.URL
result.Scheme = "spiffe"
result.Host = id.Host
result.Path = fmt.Sprintf("/agent/server/dc/%s", id.Datacenter)
return &result
}
Reference in New Issue View Git Blame Copy Permalink