Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove SHA1 for certs in prep for Go 1.18 (#16455)
Remove SHA1 for certs in prep for Go 1.18 * Remove certs with SHA1 from tests * Use default SHA-256 with PKCS7 in AWS * Update SHA1 deprecation note Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
- Loading branch information
Showing
7 changed files
with
11 additions
and
51 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
```release-note:improvement | ||
auth/aws: PKCS7 signatures will now use SHA256 by default in prep for Go 1.18 | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
~> **Note**: This engine can use external X.509 certificates as part of TLS or signature validation. | ||
Verifying signatures against X.509 certificates that use SHA-1 is deprecated and will no longer be | ||
Verifying signatures against X.509 certificates that use SHA-1 is deprecated and is no longer | ||
usable without a workaround starting in Vault 1.12. See the | ||
[deprecation FAQ](/docs/deprecation/faq#q-what-is-the-impact-of-removing-support-for-x-509-certificates-with-signatures-that-use-sha-1) | ||
for more information. |