Skip to content

Active revocation via HTTP API #2327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Active revocation via HTTP API #2327

wants to merge 2 commits into from
+5 −9

Conversation

tacerus
Copy link

@tacerus tacerus commented Jul 6, 2025
edited
Loading

Name of feature:

Allow for active revocation via HTTP API.

Pain or issue this feature alleviates:

Active revocation being rejected by the API.

Why is this important to the project (if not answered above):

Above.

Is there documentation on how to use this feature? If so, where?

Not any less documented than the existing HTTP API but will be reflected in Go docs.

In what environments or workflows is this feature supported?

n/a

In what environments or workflows is this feature explicitly NOT supported (if any)?

n/a

Supporting links/other PRs/issues:

This picks the commit from #2085 and adds another with the suggested improvements. As written in the commit message, the Passive boolean is kept as it still seems to be needed for preventing active revocation of SSH certificates.

💔Thank you!

@github-actions github-actions bot added the needs triage Waiting for discussion / prioritization by team label Jul 6, 2025
@tacerus
Clean up active/passive revocation tests
5730d1b 
Amend tests to no longer assert an error message upon active revocation
and to instead validate the success on either revocation variant,
reflecting previous changes.

In theory the "Passive" boolean seems removable as it does not add any
functionality besides being logged, but it was found some instances of
it are still needed to block active revocation for SSH certificates.

Signed-off-by: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
@tacerus tacerus force-pushed the activerevocation branch from 0cab40a to 5730d1b Compare July 6, 2025 21:00
@tacerus tacerus mentioned this pull request Jul 6, 2025
Open
@tacerus tacerus marked this pull request as ready for review July 6, 2025 21:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@maraino maraino

@darkfronza darkfronza

Labels

needs triage Waiting for discussion / prioritization by team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tacerus @maraino @darkfronza @VonRehberg