internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-05-07 13:53:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow to specify subject (for CSRs) and issuer (for CRLs) ordered (#316)

Browse Source 
* Allow to specify subject (for CSRs) and issuer (for CRLs) ordered.

* Forgot import.

* Apply suggestions from code review

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* Apply suggestions from code review

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>

* Fix typo.

* Simplify error handling, reject empty values outright.

* Document d497231e1c.

Co-authored-by: Ajpantuso <ajpantuso@gmail.com>
This commit is contained in:
Felix Fontein
2021-10-31 15:05:04 +01:00
committed by GitHub
parent ecbd44df22
commit 589e7c72ef
11 changed files with 391 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
changelogs/fragments/315-ordered-names.yml Normal file
View File

@@ -0,0 +1,9 @@
minor_changes:
- "acme_certificate - the ``subject`` and ``issuer`` fields in in the ``select_chain`` entries are now more strictly validated (https://github.com/ansible-collections/community.crypto/pull/316)."
- "openssl_csr, openssl_csr_pipe - there is now stricter validation of the values of the ``subject`` option (https://github.com/ansible-collections/community.crypto/pull/316)."
- "openssl_csr, openssl_csr_pipe - provide a new ``subject_ordered`` option if the order of the components in the subject is of importance (https://github.com/ansible-collections/community.crypto/issues/291, https://github.com/ansible-collections/community.crypto/pull/316)."
- "x509_crl - there is now stricter validation of the values of the ``issuer`` option (https://github.com/ansible-collections/community.crypto/pull/316)."
- "x509_crl - provide a new ``issuer_ordered`` option if the order of the components in the issuer is of importance (https://github.com/ansible-collections/community.crypto/issues/291, https://github.com/ansible-collections/community.crypto/pull/316)."
breaking_changes:
- "openssl_csr, openssl_csr_pipe, x509_crl - the ``subject`` respectively ``issuer`` fields no longer ignore empty values, but instead fail when encountering them (https://github.com/ansible-collections/community.crypto/pull/316)."
- "x509_crl - for idempotency checks, the ``issuer`` order is ignored. If order is important, use the new ``issuer_ordered`` option (https://github.com/ansible-collections/community.crypto/pull/316)."