mirror of
https://github.com/rancher/dynamiclistener.git
synced 2026-07-01 06:45:21 +00:00
416cd9c2af962759013f65934f5e6d5c79106166
* factory: relax cnRegexp to accept RFC 6125 single-label wildcards * factory: escape '*' in getAnnotationKey to satisfy K8s annotation key rules * factory: NeedsUpdate honors existing wildcard SANs (RFC 6125 match) * factory: tests for cert-lifecycle paths with wildcard SANs * listener: filter wildcards from runtime sources (TLS SNI, TCP, HTTP) --------- Co-authored-by: Eshaan Lumba <lumbaeshaan@microsoft.com>
dynamiclistener
DynamicListener allows you to setup a server with automatically generated (and re-generated) TLS certs with kubernetes secrets integration.
This README is a work in progress; aimed towards providing information for navigating the contents of this repository.
Changing the Expiration Days for Newly Signed Certificates
By default, a newly signed certificate is set to expire 365 days (1 year) after its creation time and date.
You can use the CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS environment variable to change this value.
Please note: the value for the aforementioned variable must be a string representing an unsigned integer corresponding to the number of days until expiration (i.e. X509 "NotAfter" value).
Versioning
See VERSION.md.
Description
Languages
Go
100%