mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-26 17:11:13 +02:00
Code Issues Projects Releases Wiki Activity

changelog++

Browse Source
This commit is contained in:
Jeff Mitchell 2016-02-25 10:41:19 -05:00
parent fadb710b05
commit 67dcad50bc
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -11,7 +11,7 @@ DEPRECATIONS/BREAKING CHANGES:
including from the CRL. Doing so could lead to a situation where a time including from the CRL. Doing so could lead to a situation where a time
mismatch between the Vault server and clients could result in a certificate mismatch between the Vault server and clients could result in a certificate
that would not be considered expired by a client being removed from the CRL. that would not be considered expired by a client being removed from the CRL.
[GH-1127] The new `pki/tidy` endpoint can be used to trigger expirations. [GH-1129]
IMPROVEMENTS: IMPROVEMENTS:
@ -33,6 +33,8 @@ IMPROVEMENTS:
* secret/pki: Submitted CSRs are now verified to have the correct key type and * secret/pki: Submitted CSRs are now verified to have the correct key type and
minimum number of bits according to the role. The exception is intermediate minimum number of bits according to the role. The exception is intermediate
CA signing and the `sign-verbatim` path [GH-1104] CA signing and the `sign-verbatim` path [GH-1104]
* secret/pki: New `tidy` endpoint to allow expunging expired certificates.
[GH-1129]
* secret/postgresql: While configuring mysql backend, avoid verification of * secret/postgresql: While configuring mysql backend, avoid verification of
connection_url by disabling it using verify_connection option [GH-1096] connection_url by disabling it using verify_connection option [GH-1096]
* secret/ssh: When verifying an OTP, return 400 if it is not valid instead of * secret/ssh: When verifying an OTP, return 400 if it is not valid instead of