mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-15 11:07:00 +02:00
Code Issues Projects Releases Wiki Activity
6,740 Commits 2,843 Branches 445 Tags 454 MiB
d3a2844a75
Commit Graph

52 Commits

Author SHA1 Message Date
Chris Hoffman
010575cb60 Rename "generic" secret backend to "kv" (#3292) 2017-09-15 09:02:29 -04:00
Jeff Mitchell
cb0b22031d Update index.html.md 2017-04-18 15:50:44 -04:00
Jon Benson
32854c8066 Fix sentence - remove "and" 2017-04-17 19:35:04 -07:00
Seth Vargo
0fe2e84e3a
Update titles 2017-03-17 14:37:01 -04:00
Seth Vargo
f64bf8d183
/docs/http -> /api 2017-03-17 14:06:03 -04:00
Seth Vargo
501cf5d065
Break out API documentation for secret backends 2017-03-16 09:47:06 -07:00
Jeff Mitchell
688104e69a Allow roles to specify whether CSR SANs should be used instead of (#2489) 
request values. Fix up some documentation.

Fixes #2451
Fixes #2488
 2017-03-15 14:38:18 -04:00
Vishal Nayak
e3016053b3 PKI: Role switch to control lease generation (#2403) 
* pki: Make generation of leases optional

* pki: add tests for upgrading generate_lease

* pki: add tests for leased and non-leased certs

* docs++ pki generate_lease

* Generate lease is applicable for both issuing and signing

* pki: fix tests

* Address review feedback

* Address review feedback
 2017-02-24 12:12:40 -05:00
Jeff Mitchell
5e5d9baabe Add Organization support to PKI backend. (#2380) 
Fixes #2369
 2017-02-16 01:04:29 -05:00
Brian Vans
32d5d88119 Fixing a few typos in the docs (#2344) 2017-02-07 11:55:29 -05:00
joe miller
90e32515ea allow roles to set OU value in certificates issued by the pki backend (#2251) 2017-01-23 12:44:45 -05:00
Jeff Mitchell
6165c3e20f Update docs to fix #2102 2016-11-22 12:19:22 -05:00
vishalnayak
6b0be2d5c4 Added user listing endpoint to userpass docs 2016-09-30 15:47:33 -04:00
Jeff Mitchell
c748ff322f Change default TTL from 30 to 32 to accommodate monthly operations (#1942) 2016-09-28 18:32:49 -04:00
Chris Hoffman
10c8024fa3 Adding support for chained intermediate CAs in pki backend (#1694) 2016-09-27 17:50:17 -07:00
Chris Hoffman
87b4514f44 Missing prefix on roles list 2016-07-29 11:31:26 -04:00
Jeff Mitchell
d46eba8a42 Update PKI docs with key_usge info 2016-06-23 11:07:17 -04:00
Laura Bennett
8fb5ca046c url fix 2016-06-08 14:53:33 -04:00
Laura Bennett
2b3f6d59a5 Updates for pki/certs list functionality 2016-06-08 14:37:57 -04:00
Jeff Mitchell
9de0ea081a Don't revoke CA certificates with leases. 2016-05-09 19:53:28 -04:00
Jeff Mitchell
f5d304ab56 Add exclude_cn_from_sans to PKI docs 2016-03-17 16:58:06 -04:00
Jeff Mitchell
ec75a24647 Be more explicit about buffer type 2016-02-24 22:05:39 -05:00
Jeff Mitchell
6dd8822c08 Add documentation for pki/tidy 2016-02-24 21:31:29 -05:00
Jeff Mitchell
ac3191ad02 Disallow 1024-bit RSA keys. 
Existing certificates are kept but roles with key bits < 2048 will need
to be updated as the signing/issuing functions now enforce this.
 2016-02-19 14:33:02 -05:00
Jeff Mitchell
ddb475d40d Merge pull request #1075 from rajanadar/patch-14 
adding full response for intermediate/generate
 2016-02-18 10:16:53 -05:00
Raja Nadar
8e5989ecb5 adding full response for intermediate/generate 
1. adding superset of fields in response, so that folks can see all possible response fields.
2. also added the less important "warnings" field
 2016-02-14 14:42:37 -08:00
Raja Nadar
d083f459bd fixing response fields of /pki/issue 
1. added the private_key_type field
2. changed "serial" to "serial_number"
3. added the warnings field
 2016-02-14 12:41:43 -08:00
techraf
30c51e8e4e Fixes typo 2016-02-12 22:34:07 +09:00
Jeff Mitchell
7fb8db2e6c Allow the format to be specified as pem_bundle, which creates a 
concatenated PEM file.

Fixes #992
 2016-02-01 13:19:41 -05:00
Jeff Mitchell
3b22ab02c6 Add listing of roles to PKI 2016-01-28 15:18:07 -05:00
kenjones-cisco
3438a3c9da Fixes mis-placed html tag 2015-12-31 10:37:01 -05:00
kenjones
71a8118229 add missing html tag 2015-12-20 14:20:30 -05:00
Jeff Mitchell
bd03d3c422 Change allowed_base_domain to allowed_domains and allow_base_domain to 
allow_bare_domains, for comma-separated multi-domain support.
 2015-11-30 23:49:11 -05:00
Jeff Mitchell
703a0d65c0 Remove token display names from input options as there isn't a viable 
use-case for it at the moment
 2015-11-30 18:07:42 -05:00
Jeff Mitchell
6af9eac08b Documentation update 2015-11-20 13:13:57 -05:00
Jeff Mitchell
7eed5db86f Update documentation, some comments, make code cleaner, and make generated roots be revoked when their TTL is up 2015-11-19 17:14:22 -05:00
Jeff Mitchell
061539434f Update validator function for URIs. Change example of entering a CA to a 
root cert generation. Other minor documentation updates. Fix private key
output in issue/sign.
 2015-11-19 11:35:17 -05:00
Jeff Mitchell
f644557eab Make it clear that generating/setting a CA cert will overwrite what's 
there.
 2015-11-19 09:51:18 -05:00
Jeff Mitchell
3437af0711 Split root and intermediate functionality into their own sections in the API. Update documentation. Add sign-verbatim endpoint. 2015-11-19 09:51:18 -05:00
Jeff Mitchell
237285e822 Address some feedback from review 2015-11-19 09:51:18 -05:00
Jeff Mitchell
cf148d8cc6 Large documentation updates, remove the pathlength path in favor of 
making that a parameter at CA generation/sign time, and allow more
fields to be configured at CSR generation time.
 2015-11-19 09:51:18 -05:00
Jeff Mitchell
c33c43620f Add tests for intermediate signing and CRL, and fix a couple things 
Completes extra functionality.
 2015-11-19 09:51:17 -05:00
Seth Vargo
cfd7aa5983 Remove tabs from terminal output 
This also standardizes on the indentation we use for multi-line commands as
well as prefixes all commands with a $ to indicate a shell.
 2015-10-12 12:10:22 -04:00
Jeff Mitchell
f84c8b8681 Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470. 2015-08-27 12:24:37 -07:00
Fabian Ruff
d2074132aa fix doc for pki/revoke API 2015-07-29 14:28:12 +02:00
Armon Dadgar
dc5ecc3eed website: fixing lots of references to vault help 2015-07-13 20:12:09 +10:00
Jeff Mitchell
435aefc072 A few things: 
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 12:48:18 -04:00
Jeff Mitchell
23ba605068 Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 15:22:58 -04:00
Jeff Mitchell
067fbc9078 Fix a docs-out-of-date bug. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-12 16:33:00 -04:00
Jeff Mitchell
0ee9735a5a Fix some out-of-date examples. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-11 21:17:05 -04:00