scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-02 03:27:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update issuer usage with ocsp-signing by default (#17087)

Browse Source 
This option was elided from the default value for the usage field. This
results in issuers "losing" ocsp-signing when they're POST updated. Most
issuers will want OCSP signing by default, so it makes sense to add this
as the default.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
This commit is contained in:
Alexander Scheel
2022-09-09 13:28:45 -04:00
committed by GitHub
parent ed502a2112
commit 43443db98d
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
builtin/logical/pki/path_fetch_issuers.go
View File

@@ -103,10 +103,10 @@ intermediate CAs and "permit" only for root CAs.`,
fields["usage"] = &framework.FieldSchema{
Type: framework.TypeCommaStringSlice,
Description: `Comma-separated list (or string slice) of usages for
this issuer; valid values are "read-only", "issuing-certificates", and
"crl-signing". Multiple values may be specified. Read-only is implicit
and always set.`,
Default: []string{"read-only", "issuing-certificates", "crl-signing"},
this issuer; valid values are "read-only", "issuing-certificates",
"crl-signing", and "ocsp-signing". Multiple values may be specified. Read-only
is implicit and always set.`,
Default: []string{"read-only", "issuing-certificates", "crl-signing", "ocsp-signing"},
}
fields["revocation_signature_algorithm"] = &framework.FieldSchema{
Type: framework.TypeString,