Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use KeyStoreBuilder in AthenzSslTrustStoreConfigurator and ↵ | Bjørn Christian Seime | 2018-03-12 | 2 | -41/+30 |
| | | | | AthenzSslKeyStoreConfigurator | ||||
* | Tune hostname-commonname mismatch message | Håkon Hallingstad | 2018-03-08 | 2 | -4/+5 |
| | |||||
* | Merge pull request #5239 from vespa-engine/bjorncs/configserver-tls-on-aws | Harald Musum | 2018-03-08 | 5 | -56/+25 |
|\ | | | | | Bjorncs/configserver tls on aws | ||||
| * | Don't unwrap parameters as separate fields | Bjørn Christian Seime | 2018-03-07 | 1 | -15/+6 |
| | | |||||
| * | ZTS server endpoint is zone specific | Bjørn Christian Seime | 2018-03-07 | 5 | -8/+5 |
| | | |||||
| * | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-03-07 | 5 | -38/+19 |
| | | |||||
* | | Respond with HTTP-400 when source IP does not match common name | Valerij Fredriksen | 2018-03-07 | 1 | -0/+4 |
|/ | |||||
* | Revert "Rewrite server TLS init to use bootstrap identity and allow AWS" | Håkon Hallingstad | 2018-03-03 | 5 | -19/+38 |
| | |||||
* | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-03-02 | 5 | -38/+19 |
| | |||||
* | Don't fail on keystore on disk read/write | Bjørn Christian Seime | 2018-03-01 | 2 | -9/+10 |
| | | | | Also rename getKeystoreExpiry to getCertificateExpiry | ||||
* | Cache Athenz certificate to disk. Prefer disk on load. | Bjørn Christian Seime | 2018-03-01 | 3 | -32/+83 |
| | | | | | Do not include expiry to Athenz request as they are default 30 days anyways. | ||||
* | Revert "Rewrite server TLS init to use bootstrap identity and allow AWS" | Harald Musum | 2018-02-28 | 5 | -32/+52 |
| | |||||
* | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-02-28 | 5 | -52/+32 |
| | |||||
* | Use Ckms instead of SecretStore in athenz-identity-provider-service | Bjørn Christian Seime | 2018-02-22 | 1 | -9/+10 |
| | |||||
* | move identityprovider package to vespa-athenz | Morten Tokle | 2018-02-22 | 13 | -1077/+0 |
| | |||||
* | Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms" | Morten Tokle | 2018-02-21 | 13 | -0/+1077 |
| | | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10. | ||||
* | Revert "Refactor identityprovider. Add SiaIdentityProvider" | Morten Tokle | 2018-02-20 | 13 | -1077/+0 |
| | |||||
* | Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms" | Morten Tokle | 2018-02-20 | 13 | -0/+1077 |
| | | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10. | ||||
* | Revert "Refactor identityprovider. Add SiaIdentityProvider" | Morten Tokle | 2018-02-20 | 13 | -1077/+0 |
| | |||||
* | Merge branch 'master' into mortent/ckms | Morten Tokle | 2018-02-20 | 1 | -1/+2 |
|\ | |||||
* | | Move identity provider to athenz-identity-provider-service module | Morten Tokle | 2018-02-16 | 13 | -0/+1076 |
|/ | |||||
* | Report config server cert expiry metrics | Valerij Fredriksen | 2018-02-06 | 3 | -9/+99 |
| | |||||
* | Implement /refresh endpoint for indetity provider | Valerij Fredriksen | 2018-01-31 | 1 | -1/+1 |
| | |||||
* | Add copyright headers | Jon Bratseth | 2018-01-25 | 5 | -0/+5 |
| | |||||
* | Revert "Use hostname if loadBalancerAddress is not set" | Valerij Fredriksen | 2018-01-22 | 1 | -4/+1 |
| | |||||
* | Use hostname if loadBalancerAddress is not set | Bjørn Christian Seime | 2018-01-16 | 1 | -1/+4 |
| | |||||
* | Use ContentSigner with BouncyCastle provider | Bjørn Christian Seime | 2018-01-16 | 1 | -1/+3 |
| | |||||
* | Manually resolve remote | Valerij Fredriksen | 2018-01-04 | 1 | -1/+10 |
| | |||||
* | Remove unnecessary use of AtomicReference | Bjørn Christian Seime | 2017-12-06 | 1 | -4/+4 |
| | |||||
* | Retrieve initial certificate in constructor for fail-fast semantics | Bjørn Christian Seime | 2017-12-06 | 1 | -19/+41 |
| | |||||
* | Don't warn when actual expiry is longer than expected | Bjørn Christian Seime | 2017-12-06 | 1 | -7/+5 |
| | |||||
* | Match issuer name defined in self-signed cert in trust store | Bjørn Christian Seime | 2017-12-06 | 1 | -5/+8 |
| | |||||
* | Merge pull request #4354 from vespa-engine/bjorncs/athenz-ca-in-truststore | Bjørn Christian Seime | 2017-12-05 | 3 | -3/+9 |
|\ | | | | | Load Athenz CA certificates to JDisc truststore | ||||
| * | Load Athenz CA certificates to JDisc truststore | Bjørn Christian Seime | 2017-12-05 | 3 | -3/+9 |
| | | |||||
* | | Enable Athenz TLS certificate for main | Bjørn Christian Seime | 2017-12-05 | 1 | -7/+0 |
|/ | |||||
* | Add trust store configurator with config server's CA cert | Bjørn Christian Seime | 2017-12-05 | 3 | -1/+115 |
| | |||||
* | Revert "Add trust store configurator with config server's CA cert" | Arnstein Ressem | 2017-12-05 | 3 | -115/+1 |
| | |||||
* | Use Extension.basicConstraints instead of cryptic string id | Bjørn Christian Seime | 2017-12-04 | 1 | -2/+1 |
| | |||||
* | Add trust store configurator with config server's CA cert | Bjørn Christian Seime | 2017-12-04 | 3 | -1/+116 |
| | |||||
* | Add unit test for CsrSerializedPayload deserialization | Bjørn Christian Seime | 2017-11-22 | 1 | -0/+32 |
| | |||||
* | Move model types to same package as certificate signer resource | Bjørn Christian Seime | 2017-11-22 | 3 | -4/+2 |
| | |||||
* | Don't inject config instances into jax-rs resources | Bjørn Christian Seime | 2017-11-21 | 7 | -43/+31 |
| | | | | | Injection of config instances is not suppored for jax-rs resources. All dependencies of resources must be components. | ||||
* | Fix typo | Bjørn Christian Seime | 2017-11-17 | 2 | -2/+2 |
| | |||||
* | Cleanup logging in IdentityDocumentResource | Bjørn Christian Seime | 2017-11-17 | 1 | -2/+1 |
| | |||||
* | Remove fixed TODO | Bjørn Christian Seime | 2017-11-17 | 1 | -1/+0 |
| | |||||
* | Move classes to separate directory based on web service resource | Bjørn Christian Seime | 2017-11-17 | 10 | -30/+25 |
| | |||||
* | Make KeyProvider an injectable component | Bjørn Christian Seime | 2017-11-17 | 11 | -30/+28 |
| | |||||
* | Remove unused parameters in config definition | Bjørn Christian Seime | 2017-11-17 | 2 | -11/+1 |
| | |||||
* | Remove CertificateClient interface | Bjørn Christian Seime | 2017-11-17 | 2 | -16/+1 |
| | |||||
* | Remove AthenzInstanceProviderService and related classes | Bjørn Christian Seime | 2017-11-17 | 8 | -493/+82 |
| |