mirror of https://github.com/status-im/consul.git
2b90307f6d
Consul used to rely on implicit issuer selection when calling Vault endpoints to issue new CSRs. Vault 1.11+ changed that behavior, which caused Consul to check the wrong (previous) issuer when renewing its Intermediate CA. This patch allows Consul to explicitly set a default issuer when it detects that the response from Vault is 1.11+. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Co-authored-by: Chris S. Kim <ckim@hashicorp.com> |
||
|---|---|---|
| .. | ||
| ca | ||
| authz.go | ||
| authz_test.go | ||
| common_names.go | ||
| csr.go | ||
| csr_test.go | ||
| generate.go | ||
| generate_test.go | ||
| parsing.go | ||
| sni.go | ||
| sni_test.go | ||
| testing_ca.go | ||
| testing_ca_test.go | ||
| testing_spiffe.go | ||
| uri.go | ||
| uri_agent.go | ||
| uri_agent_oss.go | ||
| uri_agent_oss_test.go | ||
| uri_mesh_gateway.go | ||
| uri_mesh_gateway_oss.go | ||
| uri_mesh_gateway_oss_test.go | ||
| uri_server.go | ||
| uri_service.go | ||
| uri_service_oss.go | ||
| uri_service_oss_test.go | ||
| uri_signing.go | ||
| uri_signing_test.go | ||
| uri_test.go | ||
| x509_patch.go | ||
| x509_patch_test.go | ||