ResiLien/nebula
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
34d002d69562d032397919bfd3b514e27f57fea0
nebula/cert
History
John Maguire 34d002d695 Check CA cert and key match in nebula-cert sign (#503) 
`func (nc *NebulaCertificate) VerifyPrivateKey(key []byte) error` would
previously return an error even if passed the correct private key for a
CA certificate `nc`.

That function has been updated to support CA certificates, and
nebula-cert now calls it before signing a new certificate. Previously,
it would perform all constraint checks against the CA certificate
provided, take a SHA256 fingerprint of the provided certificate, insert
it into the new node certificate, and then finally sign it with the
mismatching private key provided.
2021-10-01 12:43:33 -04:00
..
ca.go
Use inclusive terminology for cert blocking (#272)
2020-08-06 11:17:47 +10:00
cert_test.go
Check CA cert and key match in nebula-cert sign (#503)
2021-10-01 12:43:33 -04:00
cert.go
Check CA cert and key match in nebula-cert sign (#503)
2021-10-01 12:43:33 -04:00
cert.pb.go
IPv6 support for outside (udp) (#369)
2021-03-18 20:37:24 -05:00
cert.proto
IPv6 support for outside (udp) (#369)
2021-03-18 20:37:24 -05:00
Makefile
IPv6 support for outside (udp) (#369)
2021-03-18 20:37:24 -05:00
README.md
Public Release
2019-11-19 17:00:20 +00:00

README.md

cert

This is a library for interacting with nebula style certificates and authorities.

A protobuf definition of the certificate format is also included

Compiling the protobuf definition

Make sure you have protoc installed.

To compile for go with the same version of protobuf specified in go.mod:

make