Skip to content

The May 2017 Release!
Compare
Choose a tag to compare
@bobveznat bobveznat released this 23 May 17:12
· 25 commits to master since this release
1.6.0
5e7d0e9

There are lots of small changes here and one of them may cause backwards compatibility problems. There's no real theme to this release, however.

Backwards Incompatible Change:

  • The daemon no longer binds to 0.0.0.0:8080 by default. Instead it binds to 127.0.0.1 by default which further enforces that you should run this service behind a real web server. If you want the old behavior you need to call runserver with --listen-address 0.0.0.0:8080. Thanks @shatil for the commit.

Backwards Compatible Changes:

  • Documentation prefers that cert requesters use PublicKeyPath rather than fingerprints. A lot of folks find fingerprints confusing.
  • If you're using an environment that's configured for auto-signing and a cert is auto-signed the get cert function will automatically download and try to add it to the agent. This saves the requester a call to get cert with the request id. Convenience!
  • The serial number on the cert is no longer a sequential integer starting at 0. Instead the serial number is random and actually matches the request id. The request id continues to be base32 encoded, however, if you end up base32 decoding this yourself know that you'll need to pad it (I truncate the trailing == to make it look pretty).
Assets 2
Loading