Skip to content

Commit

Permalink
New PKI API to generate and sign a CRL based on input data (#18040)
Browse files Browse the repository at this point in the history 
* New PKI API to generate and sign a CRL based on input data

 - Add a new PKI API that allows an end-user to feed in all the
   information required to generate and sign a CRL by a given issuer.
 - This is pretty powerful API allowing an escape hatch for 3rd parties
   to craft customized CRLs with extensions based on their individual
   needs

* Add api-docs and error if reserved extension is provided as input

* Fix copy/paste error in Object Identifier constants

* Return nil on errors instead of partially filled slices

* Add cl
  • Loading branch information
@stevendpclark
stevendpclark authored Nov 22, 2022
1 parent 10bad84 commit 9fcb17c
Show file tree
Hide file tree
Showing 5 changed files with 655 additions and 14 deletions.
1 change: 1 addition & 0 deletions builtin/logical/pki/backend.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,7 @@ func Backend(conf *logical.BackendConfig) *backend {

// CRL Signing
pathResignCrls(&b),
pathSignRevocationList(&b),
},

Secrets: []*framework.Secret{
Expand Down
Loading

0 comments on commit 9fcb17c

Please sign in to comment.