mirror of https://github.com/hashicorp/consul
Update TODOs to reference an issue with more details
And remove a no longer needed TODOpull/11910/head
parent
12f12d577a
commit
6b679aa9d4
|
@ -135,7 +135,7 @@ type PrimaryProvider interface {
|
|||
// the active intermediate. If multiple intermediates are needed to complete
|
||||
// the chain from the signing certificate back to the active root, they should
|
||||
// all by bundled here.
|
||||
// TODO: replace with GenerateLeafSigningCert
|
||||
// TODO: replace with GenerateLeafSigningCert (https://github.com/hashicorp/consul/issues/12386)
|
||||
GenerateIntermediate() (string, error)
|
||||
|
||||
// SignIntermediate will validate the CSR to ensure the trust domain in the
|
||||
|
|
|
@ -603,7 +603,6 @@ func (v *VaultProvider) SignIntermediate(csr *x509.CertificateRequest) (string,
|
|||
// CrossSignCA takes a CA certificate and cross-signs it to form a trust chain
|
||||
// back to our active root.
|
||||
func (v *VaultProvider) CrossSignCA(cert *x509.Certificate) (string, error) {
|
||||
// TODO: is this necessary? Doesn't vault check this for us?
|
||||
rootPEM, err := v.getCA(v.config.RootPKIPath)
|
||||
if err != nil {
|
||||
return "", err
|
||||
|
|
|
@ -488,7 +488,7 @@ func (c *CAManager) primaryInitialize(provider ca.Provider, conf *structs.CAConf
|
|||
return err
|
||||
}
|
||||
|
||||
// TODO: delete this
|
||||
// TODO: https://github.com/hashicorp/consul/issues/12386
|
||||
interPEM, err := provider.GenerateIntermediate()
|
||||
if err != nil {
|
||||
return fmt.Errorf("error generating intermediate cert: %v", err)
|
||||
|
@ -976,7 +976,7 @@ func (c *CAManager) primaryUpdateRootCA(newProvider ca.Provider, args *structs.C
|
|||
}
|
||||
}
|
||||
|
||||
// TODO: delete this
|
||||
// TODO: https://github.com/hashicorp/consul/issues/12386
|
||||
intermediate, err := newProvider.GenerateIntermediate()
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
Loading…
Reference in New Issue