mirror of https://github.com/linkerd/linkerd2.git
b4266c93de
Fixes a problem where the identitiy serice can issue a certificate that has a lifetime larger than the issuer certificate. This was causing the proxies to end up using an invalid TLS certificate. This fix ensures that the lifetime of the issued certificate is not greater than the smallest lifetime of the certs in the issuer cert trust chain. Signed-off-by: Zahari Dichev <zaharidichev@gmail.com> |
||
|---|---|---|
| .. | ||
| ca.go | ||
| ca_test.go | ||
| codec.go | ||
| cred.go | ||
| cred_test.go | ||