consul/agent/connect
R.B. Boyer c4b92d5534
connect: connect CA Roots in secondary datacenters should use a SigningKeyID derived from their local intermediate (#6513)
This fixes an issue where leaf certificates issued in secondary
datacenters would be reissued very frequently (every ~20 seconds)
because the logic meant to detect root rotation was errantly triggering
because a hash of the ultimate root (in the primary) was being compared
against a hash of the local intermediate root (in the secondary) and
always failing.
2019-09-26 11:54:14 -05:00
..
ca connect: don't colon-hex-encode the AuthorityKeyId and SubjectKeyId fields in connect certs (#6492) 2019-09-23 12:52:35 -05:00
csr.go revert commits on master (#6413) 2019-08-27 17:45:58 -04:00
generate.go connect: Support RSA keys in addition to ECDSA (#6055) 2019-07-30 17:47:39 -04:00
generate_test.go fix typo of 'unknown' in log messages 2019-09-13 15:59:49 -05:00
parsing.go connect: connect CA Roots in secondary datacenters should use a SigningKeyID derived from their local intermediate (#6513) 2019-09-26 11:54:14 -05:00
sni.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
sni_test.go connect: generate the full SNI names for discovery targets in the compiler rather than in the xds package (#6340) 2019-08-19 13:03:03 -05:00
testing_ca.go connect: don't colon-hex-encode the AuthorityKeyId and SubjectKeyId fields in connect certs (#6492) 2019-09-23 12:52:35 -05:00
testing_ca_test.go connect: Support RSA keys in addition to ECDSA (#6055) 2019-07-30 17:47:39 -04:00
testing_spiffe.go Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes. 2018-06-14 09:42:16 -07:00
uri.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
uri_agent.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
uri_agent_test.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
uri_service.go agent/connect: Authorize for CertURI 2018-06-14 09:41:54 -07:00
uri_service_test.go agent/connect: Authorize for CertURI 2018-06-14 09:41:54 -07:00
uri_signing.go fix typos reported by golangci-lint:misspell (#5434) 2019-03-06 11:13:28 -06:00
uri_signing_test.go Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes. 2018-06-14 09:42:16 -07:00
uri_test.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00