Keyfactor / ejbca-vault-pki-engine

EJBCA PKI Engine and Backend for HashiCorp Vault. Used to issue, sign, and revoke certificates using the EJBCA CA.

Apache License 2.0

5 stars 2 forks source link

Revoke 55790 #9

Closed m8rmclaren closed 3 months ago

m8rmclaren commented 4 months ago

v1.2.0

Features

Create revoke-with-key path to revoke certificate only if user proves they have the private key
Implement the following role restrictions for issue and sign paths:
- allow_localhost
- allowed_domains
- allow_bare_domains
- allow_subdomains
- allow_glob_domains
- allow_wildcard_certificates

Fixes

Mark the following paths to not require authentication to match in-tree PKI engine:
- cert/*
- ca/pem
- ca_chain
- ca
- issuer/+/pem
- issuer/+/der
- issuer/+/json
- issuers/