mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-10-29 17:52:32 +00:00
773911494e
* Compare public keys on trusted leaf certs, to prevent use of alternate certs with the same/forged serial numbers * changelog
5 lines
215 B
Plaintext
5 lines
215 B
Plaintext
```release-note:security
|
|
auth/cert: compare public keys of trusted non-CA certificates with incoming
|
|
client certificates to prevent trusting certs with the same serial number
|
|
but not the same public/private key.
|
|
``` |