mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-05-04 20:06:27 +02:00
Code Issues Projects Releases Wiki Activity

Use tidy_revoked_certs instead of tidy_revocation_list (#5608)

Browse Source
This commit is contained in:
Balazs Nagy 2018-10-30 00:29:35 +01:00 committed by Vishal Nayak
parent 1157625d70
commit bc9ace4296
2 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
builtin/logical/pki/ca_test.go
View File

@ -507,9 +507,9 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName,
// Run with a high safety buffer, nothing should happen
{
resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{
"safety_buffer": "3h",
"tidy_cert_store": true,
"tidy_revocation_list": true,
"safety_buffer": "3h",
"tidy_cert_store": true,
"tidy_revoked_certs": true,
})
if err != nil {
t.Fatal(err)
@ -528,9 +528,9 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName,
// Run with both values set false, nothing should happen
{
resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{
"safety_buffer": "1s",
"tidy_cert_store": false,
"tidy_revocation_list": false,
"safety_buffer": "1s",
"tidy_cert_store": false,
"tidy_revoked_certs": false,
})
if err != nil {
t.Fatal(err)
@ -549,9 +549,9 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName,
// Run with a short safety buffer and both set to true, both should be cleared
{
resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{
"safety_buffer": "1s",
"tidy_cert_store": true,
"tidy_revocation_list": true,
"safety_buffer": "1s",
"tidy_cert_store": true,
"tidy_revoked_certs": true,
})
if err != nil {
t.Fatal(err)

4
website/source/guides/secret-mgmt/pki-engine.html.md
View File

@ -673,7 +673,7 @@ expired and are past a certain buffer period beyond their expiration time.
To remove revoked certificate and clean the CRL.
```plaintext
$ vault write pki_int/tidy tidy_cert_store=true tidy_revocation_list=true
$ vault write pki_int/tidy tidy_cert_store=true tidy_revoked_certs=true
```
#### API call using cURL
@ -686,7 +686,7 @@ the CRL.
```plaintext
$ curl --header "X-Vault-Token: ..." \
--request POST \
--data '{"tidy_cert_store": true, "tidy_revocation_list": true}' \
--data '{"tidy_cert_store": true, "tidy_revoked_certs": true}' \
https://127.0.0.1:8200/v1/pki_int/tidy
```