mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-26 00:51:08 +02:00
Code Issues Projects Releases Wiki Activity
1,452 Commits 2,840 Branches 445 Tags
Commit Graph

302 Commits

Author SHA1 Message Date
Matt Button
6d2eca31f1 Remove documentation that was copied from the terraform project 2015-07-12 16:52:24 +00:00
mootpt
40d2834310 fixed secrets backend url 
minor doc fix
 2015-07-06 11:11:58 -07:00
mootpt
e8fb47048b pointed authentication backend to proper location 
pointed authentication backend to proper location
 2015-07-06 10:42:14 -07:00
Armon Dadgar
ab489f3208 Merge pull request #400 from hashicorp/f-glob 
Change ACL semantics, use explicit glob and deny has highest precedence
 2015-07-06 11:15:49 -06:00
Armon Dadgar
d9c7349ad3 website: clarify changes in addition to feedback 2015-07-06 11:10:09 -06:00
Armon Dadgar
c062345146 secret/transit: address PR feedback 2015-07-05 19:58:31 -06:00
Armon Dadgar
348369c450 website: clarify getting started ACL docs 2015-07-05 18:40:05 -06:00
Armon Dadgar
5e40a66b7c website: update for glob matching 2015-07-05 17:43:13 -06:00
Armon Dadgar
5838f8da50 website: document derived keys in secret/transit 2015-07-05 14:47:16 -07:00
Armon Dadgar
d77efbd716 http: support ?standbyok for 200 status on standby. Fixes #389 2015-07-02 17:49:35 -07:00
Bradley Girardeau
0ef2eca24f ldap: add starttls support and option to specificy ca certificate 2015-07-02 15:49:51 -07:00
Armon Dadgar
f7602dd44a Merge pull request #380 from kgutwin/cert-cli 
Enable TLS client cert authentication via the CLI
 2015-06-30 11:44:28 -07:00
Armon Dadgar
a8537b220e website: document insecure_tls for LDAP backend 2015-06-30 09:42:18 -07:00
Jeff Mitchell
035c430eb2 Address some issues from code review. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-30 09:27:23 -04:00
Karl Gutwin
6668a6d7ef Website docs. 2015-06-30 09:18:39 -04:00
Jeff Mitchell
1faaf20b92 A Cassandra secrets backend. 
Supports creation and deletion of users in Cassandra using flexible CQL queries.

TLS, including client authentication, is supported.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-30 09:04:01 -04:00
Armon Dadgar
01592c0744 Merge pull request #310 from jefferai/f-pki 
Initial PKI backend implementation
 2015-06-21 11:12:22 +01:00
sergiopatino
cc52aaf585 Fix typo in link to Atlas URL. 
Missing a colon after https!
 2015-06-21 02:41:26 -07:00
Jeff Mitchell
d8ed14a603 Merge remote-tracking branch 'upstream/master' into f-pki 2015-06-19 13:01:26 -04:00
Jeff Mitchell
435aefc072 A few things: 
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 12:48:18 -04:00
Armon Dadgar
46ba8d10a5 physical/mysql: cleanup and documentation 2015-06-18 14:31:00 -07:00
Jeff Mitchell
23ba605068 Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 15:22:58 -04:00
Armon Dadgar
ba24d891fd website: document transit upsert behavior 2015-06-17 18:51:58 -07:00
Armon Dadgar
7c31e29295 website: update the transit documentation 2015-06-17 18:45:29 -07:00
Jeff Mitchell
79164f38ad Merge branch 'master' into f-pki 2015-06-16 13:43:25 -04:00
Armon Dadgar
61f7c098f7 Merge pull request #341 from ryancurrah/ryancurrah-doc-transit-echofix 
Do not output the trailing newline in encoding.
 2015-06-15 17:36:01 -07:00
Seth Vargo
b9112733f3 Document longest-prefix match 
Fixes https://github.com/hashicorp/vault/issues/331
 2015-06-15 14:29:20 -04:00
Ryan Currah
35f1cfeb77 Do not output the trailing newline in encoding. 
Added -n to echo command to prevent newlines from showing up in encoding.
 2015-06-13 12:03:57 -04:00
Jeff Mitchell
067fbc9078 Fix a docs-out-of-date bug. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-12 16:33:00 -04:00
Jeff Mitchell
0ee9735a5a Fix some out-of-date examples. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-11 21:17:05 -04:00
Jeff Mitchell
20ac7a46f7 Add acceptance tests 
* CA bundle uploading
* Basic role creation
* Common Name restrictions
* IP SAN restrictions
* EC + RSA keys
* Various key usages
* Lease times
* CA fetching in various formats
* DNS SAN handling

Also, fix a bug when trying to get code signing certificates.

Not tested:
* Revocation (I believe this is impossible with the current testing framework)

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-08 00:06:09 -04:00
Jeff Mitchell
530b67bbb9 Initial PKI backend implementation. 
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint

Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-08 00:06:09 -04:00
Justin Campbell
a8850ed5ed docs: Fix examples of auth via JSON 
For both userpass and LDAP
 2015-06-04 10:38:11 -04:00
Justin Campbell
55de351b98 Remove .DS_Store 
Already gitignored
 2015-06-04 10:17:00 -04:00
Armon Dadgar
9b879d3434 Merge pull request #263 from sheldonh/iam-policy 
List IAM permissions required by root credentials
 2015-06-01 13:16:51 +02:00
Armon Dadgar
35b10a7a9a Merge pull request #261 from jsok/consul-lease 
Add ability to configure consul lease durations
 2015-06-01 13:04:28 +02:00
Armon Dadgar
96241c4972 Merge pull request #277 from hashicorp/f-rotate 
Add support for key rotation
 2015-06-01 12:52:32 +02:00
Seth Vargo
6e9f37e993 Cleanup style on http index docs 2015-05-31 21:23:44 -07:00
Seth Vargo
767a3e9e32 Merge pull request #271 from boncheff/f-doc-update-read-write-example 
Update index.html.md
 2015-05-31 21:20:34 -07:00
Seth Vargo
6c677fd4f1 Merge pull request #279 from whit537/patch-1 
Capitalize the first word of a sentence
 2015-05-31 15:53:34 -07:00
Seth Vargo
974e8526cd Merge pull request #280 from whit537/patch-2 
Put me in charge of dev mode :)
 2015-05-31 15:53:24 -07:00
Seth Vargo
bdd6fed13f Merge pull request #282 from whit537/patch-3 
Add a missing word
 2015-05-31 15:52:21 -07:00
Seth Vargo
6d0a5f3e8a Merge pull request #283 from whit537/patch-4 
revisions to Getting Started > Dynamic Secrets
 2015-05-31 15:52:08 -07:00
Seth Vargo
81466baecc Merge pull request #284 from whit537/patch-5 
revisions to Getting Started > Built-in Help
 2015-05-31 15:51:51 -07:00
Seth Vargo
cefceb35d8 Merge pull request #285 from whit537/patch-6 
revisions to Getting Started > Authentication
 2015-05-31 15:51:39 -07:00
Seth Vargo
4724b9ce56 Merge pull request #286 from whit537/patch-7 
revisions to Getting Started > Access Control Policies
 2015-05-31 15:51:08 -07:00
Seth Vargo
0af7e11fc6 Merge pull request #287 from whit537/patch-8 
revisions to Getting Started > Deploy Vault
 2015-05-31 15:50:58 -07:00
Chad Whitacre
adb777cc0f Provide missing verb 2015-05-31 17:19:34 -04:00
Chad Whitacre
15ed262345 Fix punctuation 
We want an apostrophe (for the contraction, not the possessive), but we don't want an extra period.
 2015-05-31 17:00:44 -04:00
Chad Whitacre
d0520bf24a Remove an errant article 2015-05-31 16:47:15 -04:00