Define flag to include SIS certificate in host-admin truststore

author: Håkon Hallingstad <hakon@verizonmedia.com> 2019-09-27 15:46:05 +0200
committer: Håkon Hallingstad <hakon@verizonmedia.com> 2019-09-27 15:46:05 +0200
commit: fd7c424656251fe7af1a68df53b5800255b14bf5 (patch)
tree: 104c58f766d0787e1f3a11353b0c034160a05e2d /flags
parent: 6f27ed294b3c4ca74ccbf6c9d7d41710015c4917 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java
index 8bb16e8f334..869a07822b1 100644
--- a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java
+++ b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java
@@ -85,6 +85,12 @@ public class Flags {
             "Takes effect on next node agent tick. Change is orchestrated, but does NOT require container restart",
             HOSTNAME, APPLICATION_ID);
 
+    public static final UnboundBooleanFlag INCLUDE_SIS_IN_TRUSTSTORE = defineFeatureFlag(
+            "include-sis-in-truststore", false,
+            "Whether to use the trust store backed by Athenz and Service Identity certificates.",
+            "Takes effect on next tick, but may get throttled due to orchestration.",
+            HOSTNAME);
+
     public static final UnboundStringFlag TLS_INSECURE_MIXED_MODE = defineStringFlag(
             "tls-insecure-mixed-mode", "tls_client_mixed_server",
             "TLS insecure mixed mode. Allowed values: ['plaintext_client_mixed_server', 'tls_client_mixed_server', 'tls_client_tls_server']",
author	Håkon Hallingstad <hakon@verizonmedia.com>	2019-09-27 15:46:05 +0200
committer	Håkon Hallingstad <hakon@verizonmedia.com>	2019-09-27 15:46:05 +0200
commit	fd7c424656251fe7af1a68df53b5800255b14bf5 (patch)
tree	104c58f766d0787e1f3a11353b0c034160a05e2d /flags
parent	6f27ed294b3c4ca74ccbf6c9d7d41710015c4917 (diff)