Commit Graph

38 Commits (b86c018a19f317798bb277482f11b83ee081d4fc)

Author SHA1 Message Date
Matt Keeler dbb461a5d3
Allow setting verify_incoming* when using auto_encrypt or auto_config (#8394)
4 years ago
Matt Keeler 6e7acfa618
Add an AutoEncrypt “integration” test
4 years ago
Matt Keeler 51c3a605ad
Merge pull request #8035 from hashicorp/feature/auto-config/server-rpc
5 years ago
Matt Keeler 9b01f9423c
Implement the insecure version of the Cluster.AutoConfig RPC endpoint
5 years ago
Daniel Nephin cb050b280c ci: enable SA4006 staticcheck check
5 years ago
Daniel Nephin c88fae0aac ci: Add staticcheck and fix most errors
5 years ago
Hans Hasselberg 51549bd232
rpc: oss changes for network area connection pooling (#7735)
5 years ago
Hans Hasselberg 7777891aa6
tls: remove old ciphers (#7282)
5 years ago
R.B. Boyer 6adad71125
wan federation via mesh gateways (#6884)
5 years ago
Hans Hasselberg e05ac57e8f
tls: support tls 1.3 (#7325)
5 years ago
Chris Piraino 401221de58
Allow users to configure either unstructured or JSON logging (#7130)
5 years ago
Hans Hasselberg 11a571de95
agent: setup grpc server with auto_encrypt certs and add -https-port (#7086)
5 years ago
Hans Hasselberg edcc64da74
tests: switch to WithinDuration to improve test (#6860)
5 years ago
Hans Hasselberg 9ff69194a2
tls: auto_encrypt and verify_incoming (#6811) (#6899)
5 years ago
Hans Hasselberg a3f49109e6 tls: return auto_encrypt cert for listeners (#6489)
5 years ago
R.B. Boyer af01d397a5
connect: don't colon-hex-encode the AuthorityKeyId and SubjectKeyId fields in connect certs (#6492)
5 years ago
Todd Radel 2552f4a11a
connect: Support RSA keys in addition to ECDSA (#6055)
5 years ago
Hans Hasselberg 33a7df3330
tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597)
5 years ago
Hans Hasselberg 7e11dd82aa
agent: enable reloading of tls config (#5419)
6 years ago
R.B. Boyer f4a3b9d518
fix typos reported by golangci-lint:misspell (#5434)
6 years ago
Hans Hasselberg eb0895c5fb
tlsutil: don't use `server_name` config for RPC connections (#5394)
6 years ago
Hans Hasselberg 80e7d63fc2
Centralise tls configuration part 2 (#5374)
6 years ago
Hans Hasselberg 786b3b1095
Centralise tls configuration part 1 (#5366)
6 years ago
Hans Hasselberg 787f3f8aa6 agent: honor when ca is set but verify_outgoing is disabled (#4826)
6 years ago
Jack Pearkes b64e8b262f
Documentation and changes for `verify_server_hostname` (#5069)
6 years ago
Devin Canterberry a61abcd931
🐛 Formatting changes only; add missing trailing commas
7 years ago
Devin Canterberry c901307a47
🔒 Update supported TLS cipher suites
7 years ago
James Phillips 8324c1b9a6
Removes stale TLS config clone() in favor of new supported method.
7 years ago
Kyle Havlovitz 5bab68b9bb Add a path for transitioning to TLS on an existing cluster (#3001)
8 years ago
Kyle Havlovitz b70e419aeb Add TLS cipher suite options and CA path support (#2963)
8 years ago
Frank Schroeder 3e00e36f41 golint: Untangle if blocks with return in else
8 years ago
Kyle Havlovitz 07ba3ddb6e
Add TLSMinVersion to config options
8 years ago
James Phillips 6de74c60a4 Upgrades to Go 1.7 and fixes vet finding and TLS behavior change. (#2281)
8 years ago
Armon Dadgar 53f2d8868c tlsutil: Testing hostname verification
10 years ago
Armon Dadgar 7665b65834 tlsutil: Testing VerifyServerHostname on OutgoingConfig
10 years ago
Armon Dadgar cfe788646d tlsutil: Adding wrappers for hostname verification
10 years ago
Armon Dadgar 6b2390833d tls: define wrapper type
10 years ago
Atin Malaviya f1f8c88228 Moved TLS Config stuff to tlsutil package
10 years ago