github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
101,839 Commits 1 Branch 31 Tags 1,019 MiB
dba8ee229e
Commit Graph

11 Commits

Author SHA1 Message Date
Monis Khan
7e891e5d6c
csr: correctly handle backdating of short lived certs 
This change updates the backdating logic to only be applied to the
NotBefore date and not the NotAfter date when the certificate is
short lived. Thus when such a certificate is issued, it will not be
immediately expired.  Long lived certificates continue to have the
same lifetime as before.

Consolidated all certificate lifetime logic into the
PermissiveSigningPolicy.policy method.

Signed-off-by: Monis Khan <mok@vmware.com>
 2021-06-23 15:36:11 -04:00
Jordan Liggitt
db4ca87d9d Switch CSR approver/signer/cleaner controllers to v1 2020-06-05 18:45:34 -04:00
Jordan Liggitt
57eddd5e04 Record Failed condition in signer controller 2020-05-28 12:20:40 -04:00
David Eads
83035890ad refactor the CSR controller into distinct controllers to allow easy configuration of multiple signing keys 2020-05-05 10:18:04 -04:00
James Munnelly
d5dae04898 certificates: update controllers to understand signerName field 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2020-02-27 15:54:31 +00:00
James Munnelly
a983356caa Add signerName field to CSR resource spec 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2020-02-27 10:17:55 +00:00
Mike Danese
25651408ae generated: run refactor 2020-02-08 12:30:21 -05:00
Mike Danese
3aa59f7f30 generated: run refactor 2020-02-07 18:16:47 -08:00
David Eads
6ccfc3aecf add dynamic reloading for CSR signing controllers 2020-01-22 15:00:46 -05:00
Mike Danese
fe51712288 refactor into seperate authority package 2019-11-04 10:56:06 -08:00
Mike Danese
4bd2c3998f don't use cfssl in signer 2019-11-04 10:56:06 -08:00