mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-16 03:27:01 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,843 Branches 445 Tags 454 MiB
68b40b814c
Commit Graph

21 Commits

Author SHA1 Message Date
ncabatoff
1d13290b36
Refactor cert util (#6676) 
Break dataBundle into two pieces: inputBundle, which contains data that
is specific to the pki backend, and creationBundle, which is a more
generic bundle of validated inputs given to certificate creation/signing routines.

Move functions that only take creationBundle to certutil and make them public.
 2019-05-09 11:43:11 -04:00
Jeff Mitchell
278bdd1f4e
Switch to go modules (#6585) 
* Switch to go modules

* Make fmt
 2019-04-13 03:44:06 -04:00
Jeff Mitchell
170521481d
Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
Jeff Mitchell
b54b2648f1
Two PKI improvements: (#5134) 
* Disallow adding CA's serial to revocation list
* Allow disabling revocation list generation. This returns an empty (but
signed) list, but does not affect tracking of revocations so turning it
back on will populate the list properly.
 2018-08-21 11:20:57 -04:00
Vishal Nayak
e2bb2ec3b9
Errwrap everywhere (#4252) 
* package api

* package builtin/credential

* package builtin/logical

* package command

* package helper

* package http and logical

* package physical

* package shamir

* package vault

* package vault

* address feedback

* more fixes
 2018-04-05 11:49:21 -04:00
Jeff Mitchell
904a3a1bab
Add ability to set CA:true when generating intermediate CSR. (#4163) 
Fixes #3883
 2018-03-20 10:09:59 -04:00
Jeff Mitchell
a43a854740
Support other names in SANs (#3889) 2018-02-16 17:19:34 -05:00
Brian Kassouf
8142b42d95 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Brian Kassouf
78adac0a24
Pass context to backends (#3750) 
* Start work on passing context to backends

* More work on passing context

* Unindent logical system

* Unindent token store

* Unindent passthrough

* Unindent cubbyhole

* Fix tests

* use requestContext in rollback and expiration managers
 2018-01-08 10:31:38 -08:00
Jeff Mitchell
33cf98026e
Add PKCS8 marshaling to PKI (#3518) 2017-11-06 12:05:07 -05:00
Seth Rutner
8675332afa Fix typos in error message (#2692) 2017-05-10 10:28:35 -04:00
Calvin Leung Huang
96bcd50de0 Include and use normalizeSerial func 2017-05-03 10:12:58 -04:00
Jeff Mitchell
dba2de57de Change storage of entries from colons to hyphens and add a 
lookup/migration path

Still TODO: tests on migration path

Fixes #2552
 2017-04-18 11:14:23 -04:00
Chris Hoffman
10c8024fa3 Adding support for chained intermediate CAs in pki backend (#1694) 2016-09-27 17:50:17 -07:00
vishalnayak
ddb6ae18a0 Fix invalid input getting marked as internal error 2016-07-28 16:23:11 -04:00
Jeff Mitchell
7ed0399e1f Add "tidy/" which allows removing expired certificates. 
A buffer is used to ensure that we only remove certificates that are
both expired and for which the buffer has past. Options allow removal
from revoked/ and/or certs/.
 2016-02-24 21:24:48 -05:00
Tom Ritter
88ae7ae9fe Typo in error message in path_intermediate.go 2016-02-09 15:08:30 -06:00
Jeff Mitchell
7fb8db2e6c Allow the format to be specified as pem_bundle, which creates a 
concatenated PEM file.

Fixes #992
 2016-02-01 13:19:41 -05:00
Jeff Mitchell
45e32756ea WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell
7eed5db86f Update documentation, some comments, make code cleaner, and make generated roots be revoked when their TTL is up 2015-11-19 17:14:22 -05:00
Jeff Mitchell
3437af0711 Split root and intermediate functionality into their own sections in the API. Update documentation. Add sign-verbatim endpoint. 2015-11-19 09:51:18 -05:00