mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-09-04 05:21:09 +02:00
Code Issues Projects Releases Wiki Activity

changelog++

Browse Source
This commit is contained in:
Jeff Mitchell 2017-09-13 11:46:17 -04:00
parent f970aea9f8
commit 1a0deba2d5
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
CHANGELOG.md
View File

@ -10,6 +10,21 @@ CHANGES:
to be added to generated tokens, however, rather than backends adding to be added to generated tokens, however, rather than backends adding
`default` to the given set of input policies (in some cases, adn not in `default` to the given set of input policies (in some cases, adn not in
others), the stored set will reflect the user-specified set. others), the stored set will reflect the user-specified set.
* `sign-self-issued` modifies Issuer in generated certificates: In 0.8.2 the
endpoint would not modify the Issuer in the generated certificate, leaving
the output self-issued. Although theoretically valid, in practice crypto
stacks were unhappy validating paths containing such certs. As a result,
`sign-self-issued` now encodes the signing CA's Subject DN into the Issuer
DN of the generated certificate.
IMPROVEMENTS:
* secret/pki: `sign-intermediate` will now allow specifying a `ttl` value longer than the signing CA certificate's NotAfter value. [GH-3325]
BUG FIXES:
* secret/pki: Fix `sign-self-issued` encoding the wrong subject public key
[GH-3325]
## 0.8.2.1 (September 11th, 2017) (Enterprise Only) ## 0.8.2.1 (September 11th, 2017) (Enterprise Only)