Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Remove use of deprecated entity types | Bjørn Christian Seime | 2018-05-16 | 6 | -56/+66 |
| | |||||
* | Append parent ips to identity document | Morten Tokle | 2018-05-15 | 2 | -16/+41 |
| | |||||
* | Revert "Skip sending ipaddresses in CSR" | Morten Tokle | 2018-04-30 | 2 | -26/+1 |
| | |||||
* | Skip sending ipaddresses in CSR | Morten Tokle | 2018-04-27 | 2 | -1/+26 |
| | |||||
* | Use separate types for tenant and vespa identity providers | Bjørn Christian Seime | 2018-04-26 | 2 | -5/+5 |
| | | | | | | | | - Add ServiceIdentityProvider - Remove AthenzSslContextProvider - Change SiaIdentityProvider to implement ServiceIdentityProvider - Change AthenzIdentityProviderImpl to implement both ServiceIdentityProvider and AthenzIdentityProvider - Stop using AthenzIdentityProvider for internal use | ||||
* | Include ipaddress SAN in CSR | Morten Tokle | 2018-04-26 | 2 | -5/+8 |
| | |||||
* | Deprecate legacy SecretStore interface | Morten Tokle | 2018-04-24 | 1 | -1/+1 |
| | |||||
* | Rename Ckms -> SecretStore | Morten Tokle | 2018-04-23 | 1 | -5/+5 |
| | |||||
* | Change type of 'zts-endpoint' to URI | Bjørn Christian Seime | 2018-04-19 | 2 | -2/+4 |
| | |||||
* | Move identity document api types to vespa-athenz | Bjørn Christian Seime | 2018-04-19 | 9 | -246/+27 |
| | |||||
* | Add configserver hostname in identity document | Bjørn Christian Seime | 2018-04-19 | 1 | -1/+2 |
| | |||||
* | Retrieve host identity through client certificate | Bjørn Christian Seime | 2018-04-19 | 2 | -6/+17 |
| | |||||
* | Add separate method for generating identity document for tenant and node | Bjørn Christian Seime | 2018-04-19 | 1 | -1/+26 |
| | |||||
* | Add type for provider unique instance id | Bjørn Christian Seime | 2018-04-18 | 3 | -4/+5 |
| | |||||
* | Change format of provider unique instance id | Bjørn Christian Seime | 2018-04-18 | 1 | -1/+1 |
| | |||||
* | add access control to identity document resource | Morten Tokle | 2018-04-13 | 2 | -2/+35 |
| | |||||
* | Use Pkcs10Csr and related types in CertificateSigner | Bjørn Christian Seime | 2018-03-22 | 5 | -148/+64 |
| | |||||
* | Remove direct use of Crypto | Bjørn Christian Seime | 2018-03-22 | 1 | -4/+3 |
| | |||||
* | Use X509CertificateUtils | Bjørn Christian Seime | 2018-03-22 | 1 | -2/+2 |
| | |||||
* | Use certificate builder in AthenzSslTrustStoreConfigurator | Bjørn Christian Seime | 2018-03-22 | 1 | -40/+16 |
| | |||||
* | Revert "Bjorncs/certificate builder" | Harald Musum | 2018-03-21 | 8 | -85/+194 |
| | |||||
* | Use Pkcs10Csr and related types in CertificateSigner | Bjørn Christian Seime | 2018-03-20 | 5 | -148/+64 |
| | |||||
* | Remove direct use of Crypto | Bjørn Christian Seime | 2018-03-19 | 1 | -4/+3 |
| | |||||
* | Use X509CertificateUtils | Bjørn Christian Seime | 2018-03-19 | 1 | -2/+2 |
| | |||||
* | Use certificate builder in AthenzSslTrustStoreConfigurator | Bjørn Christian Seime | 2018-03-19 | 1 | -40/+16 |
| | |||||
* | Use KeyStoreBuilder in AthenzSslTrustStoreConfigurator and ↵ | Bjørn Christian Seime | 2018-03-12 | 2 | -41/+30 |
| | | | | AthenzSslKeyStoreConfigurator | ||||
* | Tune hostname-commonname mismatch message | Håkon Hallingstad | 2018-03-08 | 2 | -4/+5 |
| | |||||
* | Merge pull request #5239 from vespa-engine/bjorncs/configserver-tls-on-aws | Harald Musum | 2018-03-08 | 5 | -56/+25 |
|\ | | | | | Bjorncs/configserver tls on aws | ||||
| * | Don't unwrap parameters as separate fields | Bjørn Christian Seime | 2018-03-07 | 1 | -15/+6 |
| | | |||||
| * | ZTS server endpoint is zone specific | Bjørn Christian Seime | 2018-03-07 | 5 | -8/+5 |
| | | |||||
| * | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-03-07 | 5 | -38/+19 |
| | | |||||
* | | Respond with HTTP-400 when source IP does not match common name | Valerij Fredriksen | 2018-03-07 | 1 | -0/+4 |
|/ | |||||
* | Revert "Rewrite server TLS init to use bootstrap identity and allow AWS" | Håkon Hallingstad | 2018-03-03 | 5 | -19/+38 |
| | |||||
* | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-03-02 | 5 | -38/+19 |
| | |||||
* | Don't fail on keystore on disk read/write | Bjørn Christian Seime | 2018-03-01 | 2 | -9/+10 |
| | | | | Also rename getKeystoreExpiry to getCertificateExpiry | ||||
* | Cache Athenz certificate to disk. Prefer disk on load. | Bjørn Christian Seime | 2018-03-01 | 3 | -32/+83 |
| | | | | | Do not include expiry to Athenz request as they are default 30 days anyways. | ||||
* | Revert "Rewrite server TLS init to use bootstrap identity and allow AWS" | Harald Musum | 2018-02-28 | 5 | -32/+52 |
| | |||||
* | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-02-28 | 5 | -52/+32 |
| | |||||
* | Use Ckms instead of SecretStore in athenz-identity-provider-service | Bjørn Christian Seime | 2018-02-22 | 1 | -9/+10 |
| | |||||
* | move identityprovider package to vespa-athenz | Morten Tokle | 2018-02-22 | 13 | -1077/+0 |
| | |||||
* | Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms" | Morten Tokle | 2018-02-21 | 13 | -0/+1077 |
| | | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10. | ||||
* | Revert "Refactor identityprovider. Add SiaIdentityProvider" | Morten Tokle | 2018-02-20 | 13 | -1077/+0 |
| | |||||
* | Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms" | Morten Tokle | 2018-02-20 | 13 | -0/+1077 |
| | | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10. | ||||
* | Revert "Refactor identityprovider. Add SiaIdentityProvider" | Morten Tokle | 2018-02-20 | 13 | -1077/+0 |
| | |||||
* | Merge branch 'master' into mortent/ckms | Morten Tokle | 2018-02-20 | 1 | -1/+2 |
|\ | |||||
* | | Move identity provider to athenz-identity-provider-service module | Morten Tokle | 2018-02-16 | 13 | -0/+1076 |
|/ | |||||
* | Report config server cert expiry metrics | Valerij Fredriksen | 2018-02-06 | 3 | -9/+99 |
| | |||||
* | Implement /refresh endpoint for indetity provider | Valerij Fredriksen | 2018-01-31 | 1 | -1/+1 |
| | |||||
* | Add copyright headers | Jon Bratseth | 2018-01-25 | 5 | -0/+5 |
| | |||||
* | Revert "Use hostname if loadBalancerAddress is not set" | Valerij Fredriksen | 2018-01-22 | 1 | -4/+1 |
| |