summaryrefslogtreecommitdiffstats
path: root/athenz-identity-provider-service
Commit message (Collapse)AuthorAgeFilesLines
...
* Include ipaddress SAN in CSRMorten Tokle2018-04-262-5/+8
|
* Deprecate legacy SecretStore interfaceMorten Tokle2018-04-241-1/+1
|
* Rename Ckms -> SecretStoreMorten Tokle2018-04-231-5/+5
|
* Change type of 'zts-endpoint' to URIBjørn Christian Seime2018-04-192-2/+4
|
* Move identity document api types to vespa-athenzBjørn Christian Seime2018-04-199-246/+27
|
* Add configserver hostname in identity documentBjørn Christian Seime2018-04-191-1/+2
|
* Retrieve host identity through client certificateBjørn Christian Seime2018-04-192-6/+17
|
* Add separate method for generating identity document for tenant and nodeBjørn Christian Seime2018-04-191-1/+26
|
* Add type for provider unique instance idBjørn Christian Seime2018-04-183-4/+5
|
* Change format of provider unique instance idBjørn Christian Seime2018-04-181-1/+1
|
* add access control to identity document resourceMorten Tokle2018-04-132-2/+35
|
* Use Pkcs10Csr and related types in CertificateSignerBjørn Christian Seime2018-03-225-148/+64
|
* Remove direct use of CryptoBjørn Christian Seime2018-03-221-4/+3
|
* Use X509CertificateUtilsBjørn Christian Seime2018-03-221-2/+2
|
* Use certificate builder in AthenzSslTrustStoreConfiguratorBjørn Christian Seime2018-03-221-40/+16
|
* Revert "Bjorncs/certificate builder"Harald Musum2018-03-218-85/+194
|
* Use Pkcs10Csr and related types in CertificateSignerBjørn Christian Seime2018-03-205-148/+64
|
* Remove direct use of CryptoBjørn Christian Seime2018-03-191-4/+3
|
* Use X509CertificateUtilsBjørn Christian Seime2018-03-191-2/+2
|
* Use certificate builder in AthenzSslTrustStoreConfiguratorBjørn Christian Seime2018-03-191-40/+16
|
* Use KeyStoreBuilder in AthenzSslTrustStoreConfigurator and ↵Bjørn Christian Seime2018-03-122-41/+30
| | | | AthenzSslKeyStoreConfigurator
* Merge pull request #5257 from ↵Valerij Fredriksen2018-03-082-4/+5
|\ | | | | | | | | vespa-engine/hakonhall/tune-hostname-commonname-mismatch-message Tune hostname-commonname mismatch message
| * Tune hostname-commonname mismatch messageHåkon Hallingstad2018-03-082-4/+5
| |
* | Merge pull request #5242 from vespa-engine/bjorncs/bouncycastle-preinstallgjoranv2018-03-081-11/+9
|\ \ | |/ |/| bjorncs+gv/bouncycastle preinstall
| * Use bouncycastle from container-dev.gjoranv2018-03-071-11/+9
| |
| * Don't bundle in BouncyCastle artifacts in athenz-identity-provider-serviceBjørn Christian Seime2018-03-071-2/+2
| |
* | Merge pull request #5239 from vespa-engine/bjorncs/configserver-tls-on-awsHarald Musum2018-03-085-56/+25
|\ \ | | | | | | Bjorncs/configserver tls on aws
| * | Don't unwrap parameters as separate fieldsBjørn Christian Seime2018-03-071-15/+6
| | |
| * | ZTS server endpoint is zone specificBjørn Christian Seime2018-03-075-8/+5
| | |
| * | Rewrite server TLS init to use bootstrap identity and allow AWSBjørn Christian Seime2018-03-075-38/+19
| |/
* / Respond with HTTP-400 when source IP does not match common nameValerij Fredriksen2018-03-071-0/+4
|/
* Revert "Rewrite server TLS init to use bootstrap identity and allow AWS"Håkon Hallingstad2018-03-035-19/+38
|
* Rewrite server TLS init to use bootstrap identity and allow AWSBjørn Christian Seime2018-03-025-38/+19
|
* Don't fail on keystore on disk read/writeBjørn Christian Seime2018-03-012-9/+10
| | | | Also rename getKeystoreExpiry to getCertificateExpiry
* Cache Athenz certificate to disk. Prefer disk on load.Bjørn Christian Seime2018-03-013-32/+83
| | | | | Do not include expiry to Athenz request as they are default 30 days anyways.
* Revert "Rewrite server TLS init to use bootstrap identity and allow AWS"Harald Musum2018-02-285-32/+52
|
* Rewrite server TLS init to use bootstrap identity and allow AWSBjørn Christian Seime2018-02-285-52/+32
|
* Use Ckms instead of SecretStore in athenz-identity-provider-serviceBjørn Christian Seime2018-02-221-9/+10
|
* move identityprovider package to vespa-athenzMorten Tokle2018-02-2213-1077/+0
|
* Add zts client depMorten Tokle2018-02-221-0/+24
|
* Add bouncycastle compile scope depMorten Tokle2018-02-211-0/+10
|
* Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms"Morten Tokle2018-02-2114-73/+1091
| | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10.
* Revert "Refactor identityprovider. Add SiaIdentityProvider"Morten Tokle2018-02-2014-1101/+73
|
* Add bouncycastle compile scope depMorten Tokle2018-02-201-0/+10
|
* Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms"Morten Tokle2018-02-2014-73/+1091
| | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10.
* Revert "Refactor identityprovider. Add SiaIdentityProvider"Morten Tokle2018-02-2014-1091/+73
|
* Merge branch 'master' into mortent/ckmsMorten Tokle2018-02-201-1/+2
|\
* | Move identity provider to athenz-identity-provider-service moduleMorten Tokle2018-02-1614-73/+1090
|/
* Report config server cert expiry metricsValerij Fredriksen2018-02-063-9/+99
|
* Implement /refresh endpoint for indetity providerValerij Fredriksen2018-01-311-1/+1
|