Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CRL support to Prometheus #505

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add CRL support to Prometheus #505

wants to merge 2 commits into from

Commits on Aug 3, 2023

  1. Add CRL support to Prometheus 

    This commit adds support for certificate revocation status by Certificate
Revocation List (CRL) in Prometheus.

New fields 'CRL' and 'CRLFile' have been added to the Prometheus config
('tls_config' section). These enable certificate revocation validation
with the provided CRL.

The Prometheus loads the Certificate Revocation List (CRL) to validate the
revocation status of the peer's certificate chain by invoking the
'verifyPeerCertificate' (https://pkg.go.dev/crypto/tls) function during
a TLS handshake.

Signed-off-by: Ziqi Zhang <ziqi.zhang.ext@ericsson.com>
    Ziqi Zhang committed Aug 3, 2023
    Configuration menu
    Copy the full SHA
    e87d76c View commit details
    Browse the repository at this point in the history

  2. Add support to deprecated CRL functions for go1.18 

    Move and separate version-sensitive functionalities related to
CRL into two go files within the config package so that it can
build with the corresponding go version.

Signed-off-by: Ziqi Zhang <ziqi.zhang.ext@ericsson.com>
    Ziqi Zhang committed Aug 3, 2023
    Configuration menu
    Copy the full SHA
    679b65a View commit details
    Browse the repository at this point in the history