fix(configuration): certificate_chains can't be defined as secrets (#4302)
This fixes an issue where certificate_chain values can't be defined as secrets. While not expressly needed for certificates, it's more convenient and less prone to error than defining a environment variable with the contents.pull/4304/head
parent
7f247ca633
commit
6b2f713e10
|
@ -60,18 +60,24 @@ other configuration using the environment but instead of loading a file the valu
|
||||||
[duo_api.secret_key]: ../second-factor/duo.md#secret_key
|
[duo_api.secret_key]: ../second-factor/duo.md#secret_key
|
||||||
[session.secret]: ../session/introduction.md#secret
|
[session.secret]: ../session/introduction.md#secret
|
||||||
[session.redis.password]: ../session/redis.md#password
|
[session.redis.password]: ../session/redis.md#password
|
||||||
|
[session.redis.tls.certificate_chain]: ../session/redis.md#tls
|
||||||
[session.redis.tls.private_key]: ../session/redis.md#tls
|
[session.redis.tls.private_key]: ../session/redis.md#tls
|
||||||
[session.redis.high_availability.sentinel_password]: ../session/redis.md#sentinel_password
|
[session.redis.high_availability.sentinel_password]: ../session/redis.md#sentinel_password
|
||||||
[storage.encryption_key]: ../storage/introduction.md#encryption_key
|
[storage.encryption_key]: ../storage/introduction.md#encryption_key
|
||||||
[storage.mysql.password]: ../storage/mysql.md#password
|
[storage.mysql.password]: ../storage/mysql.md#password
|
||||||
|
[storage.mysql.tls.certificate_chain]: ../storage/mysql.md#tls
|
||||||
[storage.mysql.tls.private_key]: ../storage/mysql.md#tls
|
[storage.mysql.tls.private_key]: ../storage/mysql.md#tls
|
||||||
[storage.postgres.password]: ../storage/postgres.md#password
|
[storage.postgres.password]: ../storage/postgres.md#password
|
||||||
|
[storage.postgres.tls.certificate_chain]: ../storage/postgres.md#tls
|
||||||
[storage.postgres.tls.private_key]: ../storage/postgres.md#tls
|
[storage.postgres.tls.private_key]: ../storage/postgres.md#tls
|
||||||
[storage.postgres.ssl.key]: ../storage/postgres.md
|
[storage.postgres.ssl.key]: ../storage/postgres.md
|
||||||
[notifier.smtp.password]: ../notifications/smtp.md#password
|
[notifier.smtp.password]: ../notifications/smtp.md#password
|
||||||
|
[notifier.smtp.tls.certificate_chain]: ../notifications/smtp.md#tls
|
||||||
[notifier.smtp.tls.private_key]: ../notifications/smtp.md#tls
|
[notifier.smtp.tls.private_key]: ../notifications/smtp.md#tls
|
||||||
[authentication_backend.ldap.password]: ../first-factor/ldap.md#password
|
[authentication_backend.ldap.password]: ../first-factor/ldap.md#password
|
||||||
|
[authentication_backend.ldap.tls.certificate_chain]: ../first-factor/ldap.md#tls
|
||||||
[authentication_backend.ldap.tls.private_key]: ../first-factor/ldap.md#tls
|
[authentication_backend.ldap.tls.private_key]: ../first-factor/ldap.md#tls
|
||||||
|
[identity_providers.oidc.issuer_certificate_chain]: ../identity-providers/open-id-connect.md#issuer_certificate_chain
|
||||||
[identity_providers.oidc.issuer_private_key]: ../identity-providers/open-id-connect.md#issuer_private_key
|
[identity_providers.oidc.issuer_private_key]: ../identity-providers/open-id-connect.md#issuer_private_key
|
||||||
[identity_providers.oidc.hmac_secret]: ../identity-providers/open-id-connect.md#hmac_secret
|
[identity_providers.oidc.hmac_secret]: ../identity-providers/open-id-connect.md#hmac_secret
|
||||||
|
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -36,4 +36,4 @@ const (
|
||||||
errFmtDecodeHookCouldNotParseEmptyValue = "could not decode an empty value to a %s%s: %w"
|
errFmtDecodeHookCouldNotParseEmptyValue = "could not decode an empty value to a %s%s: %w"
|
||||||
)
|
)
|
||||||
|
|
||||||
var secretSuffixes = []string{"key", "secret", "password", "token"}
|
var secretSuffixes = []string{"key", "secret", "password", "token", "certificate_chain"}
|
||||||
|
|
Loading…
Reference in New Issue