weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
c685efeb03
cert-manager/pkg
History
Ashley Davis c5924f54a1
add + use CABundle field for ACME servers in issuers 
Previously it wasn't possible to set a custom CA bundle for an ACME
server, leading users to either patch the cert-manager system CA bundle
manually or else use SkipTLSVerify which is a security issue.

This adds CABundle for ACME, similar to what we have for Vault and
Venafi TPP issuers.

Longer term we'd like to have a more fully featured approach. It would
for example make sense to support loading CA bundles from ConfigMaps or
Secrets (similar to what we do for Vault issuers today), but for now this
change is the simplest change.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
2022-12-15 16:21:07 +00:00
..
acme add + use CABundle field for ACME servers in issuers 2022-12-15 16:21:07 +00:00
api apply go fmt for go1.19 2022-08-04 09:51:57 +00:00
apis add + use CABundle field for ACME servers in issuers 2022-12-15 16:21:07 +00:00
client Bump k8s.io deps to v0.26.0 2022-12-14 21:53:42 -08:00
controller Addressing review comments 2022-12-06 18:54:46 +05:30
ctl Remove bazel 🎉 2022-07-26 11:38:50 +01:00
issuer add + use CABundle field for ACME servers in issuers 2022-12-15 16:21:07 +00:00
logs Remove bazel 🎉 2022-07-26 11:38:50 +01:00
metrics refactor RemoveCertificate to use DeletePartialMatch 2022-09-28 10:24:30 -04:00
scheduler Remove bazel 🎉 2022-07-26 11:38:50 +01:00
util Gofmt files 2022-11-18 10:55:56 +00:00
webhook upgrade dependencies 2022-09-26 11:43:12 +02:00