boulder

Commit Graph

Author	SHA1	Message	Date
Jacob Hoffman-Andrews	a0ce126a0f	set permissions for generated certs and keys (#7193 ) minica by default sets restrictive permissions on the directories it makes. This produced confusing behavior after regenerating keys: the `bconsul` container failed to start up because it couldn't access its TLS keys, which led to other errors during startservers.	2023-12-07 20:03:35 -08:00
Matthew McPherrin	54c25f9152	Regenerate redis-tls certs and include script (#7171 ) This copies the prelude from grpc-creds/generate.sh into redis-tls/generate.sh, and regenerates all the certs there, which are expiring.	2023-11-22 16:45:17 -05:00
Jacob Hoffman-Andrews	c1d221abe6	Add Redis to Boulder's docker-compose (#5747 ) This gets us ready to add writing to Redis from ocsp-updater. The Go redis client requires different configuration for cluster operation than non-cluster, so we need to simulate a cluster in our integration environment. Cluster operation requires a manual initialization step, which you can do like so: ``` docker-compose up -d bredis docker-compose exec bredis bash /test/redis-create.sh ``` I still need to figure out how to make that happen automatically during integration tests and when you run docker-compose up. The hex values in redis.config are randomly generated passwords for the different users. Fixes #5723	2021-10-28 10:36:11 -07:00

Author

SHA1

Message

Date

Jacob Hoffman-Andrews

a0ce126a0f

set permissions for generated certs and keys (#7193 )

minica by default sets restrictive permissions on the directories it
makes. This produced confusing behavior after regenerating keys: the
`bconsul` container failed to start up because it couldn't access its
TLS keys, which led to other errors during startservers.

2023-12-07 20:03:35 -08:00

Matthew McPherrin

54c25f9152

Regenerate redis-tls certs and include script (#7171 )

This copies the prelude from grpc-creds/generate.sh into
redis-tls/generate.sh, and regenerates all the certs there, which are
expiring.

2023-11-22 16:45:17 -05:00

Jacob Hoffman-Andrews

c1d221abe6

Add Redis to Boulder's docker-compose (#5747 )

This gets us ready to add writing to Redis from ocsp-updater. The Go
redis client requires different configuration for cluster operation
than non-cluster, so we need to simulate a cluster in our integration
environment. Cluster operation requires a manual initialization step,
which you can do like so:

```
docker-compose up -d bredis docker-compose exec bredis bash
/test/redis-create.sh
```

I still need to figure out how to make that happen automatically during
integration tests and when you run docker-compose up.

The hex values in redis.config are randomly generated passwords for the
different users.

Fixes #5723

2021-10-28 10:36:11 -07:00

3 Commits