github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21302 Commits
1702 Branches
457 Tags
697 MiB
 
 
 
 
 
 
Branch: zalimeni/net-9141-exclude-ce-license-ent
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'zalimeni/net-9141-exclude-ce-license-ent'
${ noResults }
consul/docs/service-mesh/ca/ca-leader-sequence.mmd

19 lines
759 B
Raw Permalink Blame History

sequenceDiagram
Participant Provider
Participant PL As Primary Leader
Participant SL As Secondary Leader
Alt Primary don't have a valid CA
PL->>Provider:initializeRootCA (fetch root and sign intermediate)
Provider->>PL:root + intermediate
PL->>PL:RPC ConnectCA.Roots (fetch primary root and store it)
end
SL->>PL: RPC ConnectCA.Roots (fetch primary root and store it)
PL->>SL: Root + intermediate
Alt Secondary needs a new intermediate (check if current intermediate is signed by primary root)
SL->>Provider: Generate CSR
Provider->>SL: CSR
SL->>PL: ConnectCA.SignIntermediate (CSR)
PL->>SL: Intermediate CA (secondary)
SL->>Provider: Set Intermediate (secondary CA) + root (primary CA)
SL->>SL: Store certs in RAFT (primary root + secondary intermediate)
end