Skip to content
This repository has been archived by the owner on Jan 25, 2023. It is now read-only.

v0.7.9
Compare
Choose a tag to compare
@brikis98 brikis98 released this 29 Aug 15:27
· 96 commits to master since this release
v0.7.9
123181b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Modules affected

  • run-consul

Description

  • Added a new --verify-server-hostname flag to run-consul that, when set, enables server hostname verification as part of RPC encryption. Each server in Consul should get its own certificate that contains SERVERNAME.DATACENTERNAME.consul in the hostname or SAN. This prevents an authenticated agent from being converted into a server that streams all data, bypassing ACLs.

Related links

Assets 2