mirror of https://github.com/hashicorp/consul
608597c7b6
This commit makes two changes to the validation. Previously we would call this validation in GenerateRoot, which happens both on initialization (when a follower becomes leader), and when a configuration is updated. We only want to do this validation during config update so the logic was moved to the UpdateConfiguration function. Previously we would compare the config values against the actual cert. This caused problems when the cert was created manually in Vault (not created by Consul). Now we compare the new config against the previous config. Using a already created CA cert should never error now. Adding the key bit and types to the config should only error when the previous values were not the defaults. |
||
---|---|---|
.. | ||
ca | ||
authz.go | ||
authz_test.go | ||
common_names.go | ||
csr.go | ||
generate.go | ||
generate_test.go | ||
parsing.go | ||
sni.go | ||
sni_test.go | ||
testing_ca.go | ||
testing_ca_test.go | ||
testing_spiffe.go | ||
uri.go | ||
uri_agent.go | ||
uri_agent_oss.go | ||
uri_agent_oss_test.go | ||
uri_service.go | ||
uri_service_oss.go | ||
uri_service_oss_test.go | ||
uri_signing.go | ||
uri_signing_test.go | ||
uri_test.go | ||
x509_patch.go | ||
x509_patch_test.go |