mirror of https://github.com/status-im/consul.git
804eb17094
Currently when using the built-in CA provider for Connect, root certificates are valid for 10 years, however secondary DCs get intermediates that are valid for only 1 year. There is no mechanism currently short of rotating the root in the primary that will cause the secondary DCs to renew their intermediates. This PR adds a check that renews the cert if it is half way through its validity period. In order to be able to test these changes, a new configuration option was added: IntermediateCertTTL which is set extremely low in the tests. |
||
|---|---|---|
| .. | ||
| ca | ||
| native | ||
| platform | ||
| proxies | ||
| registration | ||
| ca.html.md | ||
| configuration.html.md | ||
| connect-internals.html.md | ||
| dev.html.md | ||
| index.html.md | ||
| intentions.html.md | ||
| l7-traffic-management.html.md | ||
| mesh_gateway.html.md | ||
| native.html.md | ||
| observability.html.md | ||
| proxies.html.md | ||
| registration.html.md | ||
| security.html.md | ||