mirror of https://github.com/hashicorp/consul
7839b2d7e0
This test found a bug in the secondary. We were appending the root cert to the PEM, but that cert was already appended. This was failing validation in Vault here: https://github.com/hashicorp/vault/blob/sdk/v0.3.0/sdk/helper/certutil/types.go#L329 Previously this worked because self signed certs have the same SubjectKeyID and AuthorityKeyID. So having the same self-signed cert repeated doesn't fail that check. However with an intermediate that is not self-signed, those values are different, and so we fail the check. A test I added in a previous commit should show that this continues to work with self-signed root certs as well. |
||
---|---|---|
.. | ||
ca | ||
authz.go | ||
authz_test.go | ||
common_names.go | ||
csr.go | ||
generate.go | ||
generate_test.go | ||
parsing.go | ||
sni.go | ||
sni_test.go | ||
testing_ca.go | ||
testing_ca_test.go | ||
testing_spiffe.go | ||
uri.go | ||
uri_agent.go | ||
uri_agent_oss.go | ||
uri_agent_oss_test.go | ||
uri_service.go | ||
uri_service_oss.go | ||
uri_service_oss_test.go | ||
uri_signing.go | ||
uri_signing_test.go | ||
uri_test.go | ||
x509_patch.go | ||
x509_patch_test.go |