Add client-side certificate generation support
Clients now generate keys client-side and send CSRs. If the server is down-level and sends a cert+key instead of just responding with a cert signed with the client's public key, we use the key from the server instead.
Signed-off-by:
Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit caeebc52)
Signed-off-by:
Brad Davidson <brad.davidson@rancher.com>
Showing
This diff is collapsed.
Click to expand it.
Please
register
or
sign in
to comment