Release Highlights
- Operators can limit CAs that the gorouter trusts when validating client certs to a specified list (fixes #181 )
- See docs/limiting-trusted-cas-for-gorouter for more information on how to use this feature.
- Bumps to golang 1.15.6
Manifest Property Changes
| Job | Property | 0.209.0 | 0.210.0 |
|---|---|---|---|
| gorouter | router.only_trust_client_ca_certs
| did not exist | configurable and defaults to false
|
| gorouter | router.client_ca_certs
| did not exist | configurable and defaults to "" (nothing/empty string)
|
| gorouter | router.ca_certs
| exists already | updated spec description: Required. String of concatenated certificate authorities in PEM format, used to validate server certificates provided by remote systems. Gorouter also trust certificates signed by well-known CAs and by CA certificates installed on the filesystem. These CA certificates are also used to validate client certificates when router.only_trust_client_ca_certs is false.
|