Skip to content

2.0.0
Compare
Choose a tag to compare
@aguacongas aguacongas released this 03 Apr 14:37
· 2 commits to main since this release
2.0.0
d615130
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

2.0.0 (2022-04-03)

Bug Fixes

  • should never renew store protection keys (926d03a)

Features

  • allow providing store keys (afe62ba)

BREAKING CHANGES

Stores protections keys duration was not long enough this version set the duration to 1000 years but to upgrade from 1.0.x you must 1st save stores protection keys in .pem files at your terraform root or the server will not be able to read your dataprotection keys and signing keys any more :

kubectl get secrets theidserver-certs -n theidserver -o jsonpath="{.data['dataProtection\.crt']}" | base64 -d >> data_protection.pem
kubectl get secrets theidserver-certs -n theidserver -o jsonpath="{.data['dataProtection\.key']}" | base64 -d >> data_protection_private_key.pem
kubectl get secrets theidserver-certs -n theidserver -o jsonpath="{.data['signingKey\.crt']}" | base64 -d >> signing_key.pem
kubectl get secrets theidserver-certs -n theidserver -o jsonpath="{.data['signingKey\.key']}" | base64 -d >> signing_key_private_key.pem

The version 2.0.0 and above check if those files exists and use them instead of generated certificates.

Assets 2
Loading