Max Sokolovsky
ada93274e5
Allow for default expiration days to be loaded from env
...
(cherry picked from commit 2644a6ed16
2022-01-04 11:42:50 -05:00
Brian Downs
2df892b5d7
Add ability to force cert regeneration ( #43 ) ( #48 )
...
* add ability to force cert regeneration
2021-11-15 14:05:41 -07:00
Sjoerd Simons
8056fb92e8
Accept IPv6 address as CN names
...
Expand the cnRegexp to also accept ipv6 addresses such as:
* ::1
* 2a00:1450:400e:80e::
* 2a00:1450:400e:80e::200e
Fixes : #37
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
(cherry picked from commit dc7452dbb8
2021-06-14 14:43:06 -07:00
Brad Davidson
53f6b38760
Allow forcing cert reissuance ( #28 )
...
Refreshing the cert should force renewal as opposed to returning
early if the SANs aren't changing. This is currently breaking refresh
of expired certs as per:
https://github.com/rancher/k3s/issues/1621#issuecomment-669464318
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-08-10 17:12:39 -07:00
Darren Shepherd
479ab335d6
Add LoadOrGenClient to handle client cert generation
2020-08-10 17:12:39 -07:00
Darren Shepherd
c992ce309c
Reject bad CNs that will prevent the secret from being saved.
2020-04-02 22:07:45 -07:00
Darren Shepherd
05d7922a86
Add ability to limit the maximum number of SANs
2020-03-18 23:16:38 -07:00
Darren Shepherd
bc68bf5499
Fix merging of the k8s secret to reduce the number of writes
2020-02-04 12:48:38 -07:00
Darren Shepherd
a75e84bc81
Add more helpers
2020-01-30 22:41:19 -07:00
Darren Shepherd
f1484a07b3
Add static storage and listener opts
2019-12-04 11:32:00 -07:00
Darren Shepherd
3c2990b7c5
Support old or imported RSA keys
2019-11-15 23:45:14 +00:00
Darren Shepherd
02b97e01f1
Attempt to minimize additional cert gens
2019-11-13 14:46:32 +00:00
Darren Shepherd
af04867843
Refactor to not include a server by default
2019-10-30 19:14:34 -07:00
