linkerd2

Commit Graph

Author	SHA1	Message	Date
Zahari Dichev	3538944d03	Unify trust anchors terminology (#4047 ) Signed-off-by: Zahari Dichev <zaharidichev@gmail.com>	2020-02-15 10:12:46 +02:00
Mayank Shah	c1b683147a	Update identity to make certs more diagnosable (#3990 ) Update identity controller to make issuer certificates diagnosable if cert validity is causing error - Add expiry time in identity log message - Add current time in identity log message - Emit k8s event with appropriate message Signed-off-by: Mayank Shah <mayankshah1614@gmail.com>	2020-02-13 11:21:41 +02:00
Zahari Dichev	f88b55e36e	Tls certs checks (#3813 ) * Added checks for cert correctness * Add warning checks for approaching expiration * Add unit tests * Improve unit tests * Address comments * Address more comments * Prevent upgrade from breaking proxies when issuer cert is overwritten (#3821) * Address more comments * Add gate to upgrade cmd that checks that all proxies roots work with the identitiy issuer that we are updating to * Address comments * Enable use of upgarde to modify both roots and issuer at the same time Signed-off-by: Zahari Dichev <zaharidichev@gmail.com>	2019-12-16 14:49:32 -08:00
Zahari Dichev	a98fe03c5e	Consolidate certificates validation logic (#3810 ) * Consolidate certificates validation logic Signed-off-by: Zahari Dichev <zaharidichev@gmail.com> * Add test for upgrading trust anchors when using external cert manager Signed-off-by: Zahari Dichev <zaharidichev@gmail.com> * Add logic to ensure issuer cert is CA Signed-off-by: Zahari Dichev <zaharidichev@gmail.com> * Fix golden file Signed-off-by: Zahari Dichev <zaharidichev@gmail.com>	2019-12-13 10:01:55 +02:00

4 Commits