Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address some small nits in PKI rotation #15019

Merged
merged 2 commits into from Apr 14, 2022
Merged

Address some small nits in PKI rotation #15019

merged 2 commits into from Apr 14, 2022

Conversation

stevendpclark
Copy link
Contributor

  • Reading the RFC, I had missed the detail about the migrated issuer/keys should have the Name set to current.
  • Fix issue spotted that we were no longer building up a CRL after the set-signed api call. Fix that issue and add a corresponding test validating a CRL exists post set-signed.

@stevendpclark
Assign Name=current to migrated key and issuer
1b8f0c6 
 - Detail I missed from the RFC was to assign the Name field as "current" for migrated key and issuer.
@stevendpclark
Build CRL upon PKI intermediary set-signed api called
a264721 
 - Add a call to buildCRL if we created an issuer within pathImportIssuers
 - Augment existing FullCAChain to verify we have a proper CRL post set-signed api call
 - Remove a code block writing out "ca" storage entry that is no longer used.
@stevendpclark stevendpclark force-pushed the stevendpclark/fix-small-migration-issues branch from 1cf2d55 to a264721 Compare April 13, 2022 20:27
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 13, 2022 20:27 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 13, 2022 20:27 Inactive
@stevendpclark stevendpclark merged commit a264721 into pki-pod-rotation Apr 14, 2022
@vercel vercel bot temporarily deployed to Preview – vault April 14, 2022 18:28 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 14, 2022 18:28 Inactive
@stevendpclark stevendpclark deleted the stevendpclark/fix-small-migration-issues branch April 14, 2022 18:28
@cipherboy
Copy link
Contributor

This PR was merged in #15277. See that PR and the relevant docs PR #15238 for more information about this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cipherboy cipherboy cipherboy approved these changes

@kitography kitography Awaiting requested review from kitography

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@stevendpclark @cipherboy