mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-18 21:21:06 +02:00
Code Issues Projects Releases Wiki Activity
7,543 Commits 2,845 Branches 445 Tags
Commit Graph

26 Commits

Author SHA1 Message Date
Jeff Mitchell
a43a854740
Support other names in SANs (#3889) 2018-02-16 17:19:34 -05:00
Vishal Nayak
58cab5f59f added a flag to make common name optional if desired (#3940) 
* added a flag to make common name optional if desired

* Cover one more case where cn can be empty

* remove skipping when empty; instead check for emptiness before calling validateNames

* Add verification before adding to DNS names to also fix #3918
 2018-02-09 13:42:19 -05:00
Jeff Mitchell
d6552a11cc Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-03 14:02:31 -05:00
dmwilcox
ad0a39dfe1 Update docs to reflect ability to load cold CA certs to output full chains. (#3740) 2018-01-03 10:59:18 -05:00
Chris Hoffman
628153979a
Converting key_usage and allowed_domains in PKI to CommaStringSlice (#3621) 2017-12-11 13:13:35 -05:00
Paulo Ribeiro
a179a1804d Remove duplicate link in ToC (#3671) 2017-12-11 12:52:58 -05:00
Jeff Mitchell
32a7503b89
Cross reference pki/cert in a few places. 2017-12-11 11:10:28 -05:00
Mohsen
77fc89088d Small typo relating to no_store in pki secret backend (#3662) 
* Removed typo :)

* Corrected typo in the website related to no_store
 2017-12-07 10:40:21 -05:00
Jeff Mitchell
33cf98026e
Add PKCS8 marshaling to PKI (#3518) 2017-11-06 12:05:07 -05:00
Seth Vargo
23d1d9a1ac
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo
39097c80d6
Remove ?list examples 
They are documented in the overall API section, but people should get used to seeing LIST as a verb
 2017-10-24 09:32:15 -04:00
Martins Sipenko
095017a364 Fix docs (#3449) 2017-10-11 11:29:26 -04:00
Jeff Mitchell
04e8d163ba Allow entering PKI URLs as arrays. (#3409) 
Fixes #3407
 2017-10-03 16:13:57 -04:00
Jeff Mitchell
f970aea9f8 Change behavior of TTL in sign-intermediate (#3325) 
* Fix using wrong public key in sign-self-issued

* Change behavior of TTL in sign-intermediate

This allows signing CA certs with an expiration past the signer's
NotAfter.

It also change sign-self-issued to replace the Issuer, since it's
potentially RFC legal but stacks won't validate it.

Ref: https://groups.google.com/d/msg/vault-tool/giP69-n2o20/FfhRpW1vAQAJ
 2017-09-13 11:42:45 -04:00
Jeff Mitchell
4ad96d9513 Add pki/root/sign-self-issued. (#3274) 
* Add pki/root/sign-self-issued.

This is useful for root CA rolling, and is also suitably dangerous.

Along the way I noticed we weren't setting the authority key IDs
anywhere, so I addressed that.

* Add tests
 2017-08-31 23:07:15 -04:00
Chris Hoffman
a7105536d6 Add GET variant on LIST endpoints (#3232) 2017-08-23 17:59:22 -04:00
Jeff Mitchell
e6b43f7278 Add permitted dns domains to pki (#3164) 2017-08-15 16:10:36 -04:00
Jeff Mitchell
2946d133af Make PKI root generation idempotent-ish and add delete endpoint. (#3165) 2017-08-15 14:00:40 -04:00
Vishal Nayak
cdffc50fac doc: PKI API table of contents (#2756) 
* Add a table of contents for api/secret/pki

* Fix the read certificate link
 2017-05-23 09:19:47 -04:00
mhristof
4ba3755c79 fix format for secret/pki (#2668) 2017-05-02 07:52:55 -04:00
Justin Gerace
2e8e9ed02d Add globbing support to the PKI backend's allowed_domains list (#2517) 2017-05-01 10:40:18 -04:00
Jeff Mitchell
85b92811ab Update sign-verbatim to correctly set generate_lease (#2593) 2017-04-18 15:54:31 -04:00
Jeff Mitchell
a385d1e092 Remove allow_token_displayname from docs as we don't support that any longer 2017-04-17 17:25:44 -04:00
Shivaram Lingamneni
7cbc5d6e05 implement a no_store option for pki roles (#2565) 2017-04-07 11:25:47 -07:00
Paul Cichonski
d54b555893 fix typo in pki api doc 2017-04-02 17:02:11 -04:00
Seth Vargo
f64bf8d183
/docs/http -> /api 2017-03-17 14:06:03 -04:00