mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-29 10:31:08 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,838 Branches 446 Tags
Commit Graph

2583 Commits

Author SHA1 Message Date
Jeff Mitchell
435aefc072 A few things: 
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 12:48:18 -04:00
Armon Dadgar
46ba8d10a5 physical/mysql: cleanup and documentation 2015-06-18 14:31:00 -07:00
Jeff Mitchell
23ba605068 Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 15:22:58 -04:00
Armon Dadgar
ba24d891fd website: document transit upsert behavior 2015-06-17 18:51:58 -07:00
Armon Dadgar
7c31e29295 website: update the transit documentation 2015-06-17 18:45:29 -07:00
Jeff Mitchell
79164f38ad Merge branch 'master' into f-pki 2015-06-16 13:43:25 -04:00
Armon Dadgar
61f7c098f7 Merge pull request #341 from ryancurrah/ryancurrah-doc-transit-echofix 
Do not output the trailing newline in encoding.
 2015-06-15 17:36:01 -07:00
Seth Vargo
b9112733f3 Document longest-prefix match 
Fixes https://github.com/hashicorp/vault/issues/331
 2015-06-15 14:29:20 -04:00
Ryan Currah
35f1cfeb77 Do not output the trailing newline in encoding. 
Added -n to echo command to prevent newlines from showing up in encoding.
 2015-06-13 12:03:57 -04:00
Jeff Mitchell
067fbc9078 Fix a docs-out-of-date bug. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-12 16:33:00 -04:00
Jeff Mitchell
0ee9735a5a Fix some out-of-date examples. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-11 21:17:05 -04:00
Jeff Mitchell
20ac7a46f7 Add acceptance tests 
* CA bundle uploading
* Basic role creation
* Common Name restrictions
* IP SAN restrictions
* EC + RSA keys
* Various key usages
* Lease times
* CA fetching in various formats
* DNS SAN handling

Also, fix a bug when trying to get code signing certificates.

Not tested:
* Revocation (I believe this is impossible with the current testing framework)

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-08 00:06:09 -04:00
Jeff Mitchell
530b67bbb9 Initial PKI backend implementation. 
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint

Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-08 00:06:09 -04:00
Justin Campbell
a8850ed5ed docs: Fix examples of auth via JSON 
For both userpass and LDAP
 2015-06-04 10:38:11 -04:00
Justin Campbell
55de351b98 Remove .DS_Store 
Already gitignored
 2015-06-04 10:17:00 -04:00
Armon Dadgar
9b879d3434 Merge pull request #263 from sheldonh/iam-policy 
List IAM permissions required by root credentials
 2015-06-01 13:16:51 +02:00
Armon Dadgar
35b10a7a9a Merge pull request #261 from jsok/consul-lease 
Add ability to configure consul lease durations
 2015-06-01 13:04:28 +02:00
Armon Dadgar
96241c4972 Merge pull request #277 from hashicorp/f-rotate 
Add support for key rotation
 2015-06-01 12:52:32 +02:00
Seth Vargo
6e9f37e993 Cleanup style on http index docs 2015-05-31 21:23:44 -07:00
Seth Vargo
767a3e9e32 Merge pull request #271 from boncheff/f-doc-update-read-write-example 
Update index.html.md
 2015-05-31 21:20:34 -07:00
Seth Vargo
6c677fd4f1 Merge pull request #279 from whit537/patch-1 
Capitalize the first word of a sentence
 2015-05-31 15:53:34 -07:00
Seth Vargo
974e8526cd Merge pull request #280 from whit537/patch-2 
Put me in charge of dev mode :)
 2015-05-31 15:53:24 -07:00
Seth Vargo
bdd6fed13f Merge pull request #282 from whit537/patch-3 
Add a missing word
 2015-05-31 15:52:21 -07:00
Seth Vargo
6d0a5f3e8a Merge pull request #283 from whit537/patch-4 
revisions to Getting Started > Dynamic Secrets
 2015-05-31 15:52:08 -07:00
Seth Vargo
81466baecc Merge pull request #284 from whit537/patch-5 
revisions to Getting Started > Built-in Help
 2015-05-31 15:51:51 -07:00
Seth Vargo
cefceb35d8 Merge pull request #285 from whit537/patch-6 
revisions to Getting Started > Authentication
 2015-05-31 15:51:39 -07:00
Seth Vargo
4724b9ce56 Merge pull request #286 from whit537/patch-7 
revisions to Getting Started > Access Control Policies
 2015-05-31 15:51:08 -07:00
Seth Vargo
0af7e11fc6 Merge pull request #287 from whit537/patch-8 
revisions to Getting Started > Deploy Vault
 2015-05-31 15:50:58 -07:00
Chad Whitacre
adb777cc0f Provide missing verb 2015-05-31 17:19:34 -04:00
Chad Whitacre
15ed262345 Fix punctuation 
We want an apostrophe (for the contraction, not the possessive), but we don't want an extra period.
 2015-05-31 17:00:44 -04:00
Chad Whitacre
d0520bf24a Remove an errant article 2015-05-31 16:47:15 -04:00
Chad Whitacre
1e5841aa4d Fix number of a noun 2015-05-31 16:42:29 -04:00
Chad Whitacre
678edf5376 Fix another broken passive 2015-05-31 16:34:34 -04:00
Chad Whitacre
28fd5ed7f6 Fix a broken verb voice 2015-05-31 16:31:10 -04:00
Chad Whitacre
b201f0a54f Charges don't incur themselves 2015-05-31 16:24:03 -04:00
Chad Whitacre
86e8195cb1 REMOVE A SINGLE WHITESPACE CHARACTER 2015-05-31 16:21:39 -04:00
Chad Whitacre
4d6f74b2a3 Remove quotes to match styling elsewhere 
Cf. http://vaultproject.io/intro/getting-started/dynamic-secrets.html
 2015-05-31 16:20:56 -04:00
Chad Whitacre
e6fadc0eb8 Add a missing word 2015-05-31 16:19:38 -04:00
Chad Whitacre
2d442a2b5e fix line wrapping 
Sorry!
 2015-05-31 16:07:50 -04:00
Chad Whitacre
2ab0ea3ff7 Direct new users over to the getting started guide 
I found myself on the dev server reference, when really I was more interested in the getting started guide. This link is intended to help others get back on the right track.
 2015-05-31 16:06:58 -04:00
Chad Whitacre
de535518f9 Put me in charge of dev mode :) 
- "You" as subject instead of "Vault"
 - give the actual command
 - minor formatting changes
 2015-05-31 15:54:32 -04:00
Chad Whitacre
a5f551e590 Capitalize the first word of a sentence 2015-05-31 14:22:57 -04:00
Armon Dadgar
c94a0562c3 website: document key rotation internals 2015-05-29 15:34:29 -07:00
Armon Dadgar
200b30d28d website: document new system APIs 2015-05-29 15:05:05 -07:00
Christian Berg
de4b6e2029 Fix typo 2015-05-29 10:24:29 +02:00
boncheff
d8a3bdc2d7 Update index.html.md 
Updated the docs to show an example of how to read/write a secret using the HTTP API
 2015-05-28 22:28:25 +01:00
Armon Dadgar
8f5b7dfe50 Merge pull request #269 from sheldonh/getting_started_deploy_consul 
Use local Consul instance in deploy walkthrough
 2015-05-28 10:06:36 -07:00
Sheldon Hearn
0cf95d9393 Use local Consul instance in deploy walkthrough 
As per hashicorp/vault#217, demo.consul.io prevents sessions from being
created, which means you can't use it as a backend for Vault.
 2015-05-28 14:11:34 +02:00
Sheldon Hearn
233a862b60 Mention disable_mlock in deploy walkthrough 2015-05-28 13:24:28 +02:00
Sheldon Hearn
d1ec264eff Clarify the disable_mlock option 2015-05-28 12:40:56 +02:00