Mathieu Dardenne
Mathieu Dardenne
Agree, which also implies to have a dedicated CRL for these client certificates.
The current scenario I have in mind is that if your Keywhiz server is using a SSL certificate (TLS Web Server Authentication) issued by a different root CA than your...
Yes it's possible but I am under the impression that concatenating CRL isn't supposed to be valid. (see http://openssl.6102.n7.nabble.com/concatenate-two-CRL-s-td21119.html) > The concatenation of two digitally signed CRLs is not a...
@mcpherrinm perfect, I will document that somewhere and use this solution. Thank you!
Quick question, why going over a full synchronisation every time ? I feel like it would be much more efficient to trigger a sync based on the `/secrets` response. Request...
Great, I noticed this behaviour from an old version I was playing with few weeks/months ago. I'll check the latest version. On another note, I believe we should be able...