scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-29 09:42:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9b8d8fb4ffe7e305847cfed2fd859d78adb53f96
vault/changelog/28907.txt
Steven Clark 95a16dbafe PKI: Add a new leaf_not_after_behavior value to force erroring in all circumstances (#28907) 
* PKI: Add a new leaf_not_after_behavior value to force erroring in all circumstances

 - We introduce a new value called `always_enforce_err` for the existing
   leaf_not_after_behavior on a PKI issuer. The new value will force we
   error out all requests that have a TTL beyond the issuer's NotAfter value.

 - This will apply to leaf certificates issued through the API as did err,
   but now to CA issuance and ACME requests for which we previously changed
   the err configuration to truncate.

* Add cl

* Update UI test

* Fix changelog type
2024-11-15 11:59:54 -05:00

4 lines
256 B
Plaintext
Raw Blame History

```release-note:improvement
secret/pki: Introduce a new value `always_enforce_err` within `leaf_not_after_behavior` to force the error in all circumstances such as CA issuance and ACME requests if requested TTL values are beyond the issuer's NotAfter.
```
Reference in New Issue View Git Blame Copy Permalink