Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Correctly validate JWT CA on bootstrap #8119

Merged
merged 2 commits into from
Sep 2, 2021
Merged

Correctly validate JWT CA on bootstrap #8119

merged 2 commits into from
Sep 2, 2021

Conversation

codingllama
Copy link
Contributor

Presently, teleport start --bootstrap state.yaml fails due to incorrect
handling of JWT CAs, even when the data is generated using
tctl get all --with-secrets.

Fixes #7853.

@codingllama
Copy link
Contributor Author

Regarding my own question of whether we should keep checkResourceConsistency, the answer is yes - we won't guarantee that local CAs have keys otherwise (ValidateCertAuthority checks existing keys, but does not ensure that keys are present).

@codingllama
Copy link
Contributor Author

Thanks for the super fast review, Forrest.

@codingllama
Correctly validate JWT CertAuthorities on bootstrap
0924534
@codingllama
Remove commented code
a1f9209 
Found out when the code formatter added a space to the comment.
@codingllama codingllama enabled auto-merge (squash) September 2, 2021 13:54
@codingllama codingllama merged commit 133ebcd into master Sep 2, 2021
@codingllama codingllama deleted the codingllama/bootstrap-fix branch September 2, 2021 14:09
@codingllama codingllama mentioned this pull request Sep 2, 2021
Merged
codingllama added a commit that referenced this pull request Sep 2, 2021
@codingllama
Correctly validate JWT CA on bootstrap (#8128)
6eb543d 
Presently, teleport start --bootstrap state.yaml fails due to incorrect
handling of JWT CAs, even when the data is generated using
tctl get all --with-secrets.

Backport of #8119.
zmb3 pushed a commit that referenced this pull request Sep 23, 2021
@codingllama @zmb3
Correctly validate JWT CA on bootstrap (#8119)
d69f6d6 
Presently, teleport start --bootstrap state.yaml fails due to incorrect
handling of JWT CAs, even when the data is generated using
tctl get all --with-secrets.

Fixes #7853.

* Correctly validate JWT CertAuthorities on bootstrap
* Remove commented code
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fspmarshall fspmarshall fspmarshall approved these changes

@zmb3 zmb3 zmb3 approved these changes

@klizhentas klizhentas klizhentas approved these changes

@r0mant r0mant Awaiting requested review from r0mant

@russjones russjones Awaiting requested review from russjones

Assignees
No one assigned
Labels
backport-required
Projects
None yet
Milestone
No milestone
4 participants
@codingllama @klizhentas @zmb3 @fspmarshall