cert-manager

Author	SHA1	Message	Date
Tim Ramlot	042f59d283	fix unused linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 15:29:00 +02:00
Tim Ramlot	9db044b232	fix gci linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 13:47:25 +02:00
Tim Ramlot	38cd0accdb	graduate 'DisallowInsecureCSRUsageDefinition' to GA Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-26 16:14:31 +02:00
Tim Ramlot	04220447bc	remove deprecated files and functions Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-08 10:45:06 +01:00
Tim Ramlot	0acde5b1a4	fix changed behavior: set critical flag of SANs extension based on subject Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-07 11:01:34 +01:00
Tim Ramlot	950948e465	start using the new 'slices' library and deprecate old util functions Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-04 09:32:17 +01:00
Tim Ramlot	721f71ed60	Refactor the solution Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-13 09:37:21 +00:00
Tim Ramlot	bfd9a65160	Add OtherNameSANs field to Certificates * Added an otherName SAN extension mechanism * Can take any otherName OID with String (UTF-8) like value * cf [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) p 37 for more info * otherName is only a subset of GeneralName, our specific need for for UserPrincipalName used in Microsoft AD/ LDAP * We treat UPN special but we might remove this in a later commit Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 09:12:23 +00:00
Tim Ramlot	849b6bda9e	add tests & final cleanup Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-12 15:57:07 +01:00
tanujd11	bc75f8488d	fix: structure of nameconstraint in CSR Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-11 18:00:15 +05:30
tanujd11	28ca4312b3	fix: additional review comments Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:30:31 +05:30
tanujd11	adb9311f56	validate name constraint before signing CSR Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:29:45 +05:30
tanujd11	589030dec1	feature: added name constraints Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:27:31 +05:30
Tim Ramlot	1858ccf369	remove MaxPathLen CSR blob validation logic Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-08-23 14:24:36 +02:00
Tim Ramlot	5ba29272c0	add validation to pki CertificateTemplate function and add support for add DontAllowInsecureCSRUsageDefinition featuregate to use old behavior in controller Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-07-05 13:04:21 +02:00
cui fliter	4723347260	fix function name in comments Signed-off-by: cui fliter <imcusg@gmail.com>	2023-06-07 17:17:07 +08:00
Tim Ramlot	e7530880ce	use Version 3 for all Certificates and Version 0 for all CertificateRequests Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-05-11 10:21:55 +02:00
Tim Ramlot	20599d1d35	remove CertificateTemplateAddKeyUsages Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-05-10 19:22:49 +02:00
Tim Ramlot	1c2662af82	cleanup CSR & CertificateTemplate util code Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-05-10 19:22:49 +02:00

19 Commits