status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
consul/agent/connect
History
Matt Keeler 7cddf128e9
Backport #9570 to release/1.8.x: Ensure that CA initialization does not block leader election. (#9571) 
Backport of PR: 9570

After fixing that bug I uncovered a couple more:

Fix an issue where we might try to cross sign a cert when we never had a valid root.
Fix a potential issue where reconfiguring the CA could cause either the Vault or AWS PCA CA providers to delete resources that are still required by the new incarnation of the CA.

Ensure that CA initialization does not block leader election.

After fixing that bug I uncovered a couple more:

Fix an issue where we might try to cross sign a cert when we never had a valid root.
Fix a potential issue where reconfiguring the CA could cause either the Vault or AWS PCA CA providers to delete resources that are still required by the new incarnation of the CA.
 		2021-01-21 09:04:30 -05:00
..
ca Backport #9570 to release/1.8.x: Ensure that CA initialization does not block leader election. (#9571) 2021-01-21 09:04:30 -05:00
common_names.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
common_names_test.go Updates to Config Entries and Connect for Namespaces (#7116) 2020-01-24 10:04:58 -05:00
csr.go auto_encrypt: set dns and ip san for k8s and provide configuration (#6944) 2020-01-17 23:25:26 +01:00
generate.go connect: add validations around intermediate cert ttl (#7213) 2020-02-11 00:05:49 +01:00
generate_test.go Merge pull request #8646 from hashicorp/common-intermediate-ttl 2020-09-15 19:04:27 +00:00
parsing.go Fix support for RSA CA keys in Connect. (#6638) 2019-11-01 13:20:26 +00:00
sni.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
sni_test.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
testing_ca.go Merge pull request #9009 from hashicorp/update-secondary-ca 2020-11-30 16:13:12 -08:00
testing_ca_test.go ci: Do not skip tests because of missing binaries on CI 2020-03-24 14:34:13 -04:00
testing_spiffe.go Merge pull request #9009 from hashicorp/update-secondary-ca 2020-11-30 16:13:12 -08:00
uri.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
uri_agent.go Fix issue with changing the agent token causing failure to renew the auto-encrypt certificate 2020-07-21 13:49:18 -04:00
uri_agent_test.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
uri_service.go Fix issue with changing the agent token causing failure to renew the auto-encrypt certificate 2020-07-21 13:49:18 -04:00
uri_service_oss.go Fix a couple bugs regarding intentions with namespaces (#7169) 2020-01-29 17:30:38 -05:00
uri_service_test.go Intentions ACL enforcement updates (#7028) 2020-01-13 15:51:40 -05:00
uri_signing.go Replace whitelist/blacklist terminology with allowlist/denylist (#7971) 2020-06-01 10:40:14 -05:00
uri_signing_test.go Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes. 2018-06-14 09:42:16 -07:00
uri_test.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00