Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow explicit issuer override on roles #15164

Closed
wants to merge 2 commits into from
Closed

Allow explicit issuer override on roles #15164

wants to merge 2 commits into from

Conversation

cipherboy
Copy link
Contributor

When a role is used to generate a certificate (such as with the sign/
and issue/ legacy paths or the legacy sign-verbatim/ paths), we prefer
that issuer to the one on the request. This allows operators to set an
issuer (other than default) for requests to be issued against,
effectively making the change no different from the users' perspective
as it is "just" a different role name.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

@cipherboy
Allow explicit issuer override on roles
5503c14 
When a role is used to generate a certificate (such as with the sign/
and issue/ legacy paths or the legacy sign-verbatim/ paths), we prefer
that issuer to the one on the request. This allows operators to set an
issuer (other than default) for requests to be issued against,
effectively making the change no different from the users' perspective
as it is "just" a different role name.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
@cipherboy
Add tests for role-based issuer selection
36c3c36 
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
@cipherboy cipherboy force-pushed the cipherboy-role-issuer-updates branch from 92fd9fb to 36c3c36 Compare April 25, 2022 18:58
@cipherboy
Copy link
Contributor Author

Thanks @stevendpclark! Merging... :)

@cipherboy cipherboy closed this Apr 26, 2022
@cipherboy cipherboy deleted the cipherboy-role-issuer-updates branch May 17, 2022 14:33
@cipherboy
Copy link
Contributor Author

This PR was merged in #15277. See that PR and the relevant docs PR #15238 for more information about this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevendpclark stevendpclark stevendpclark approved these changes

@kitography kitography Awaiting requested review from kitography

Assignees
No one assigned
Labels
pr/no-changelog secret/pki
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@cipherboy @stevendpclark