From 3418b2fbe55460ad05044cc548c82651af77745a Mon Sep 17 00:00:00 2001 From: "Scott G. Miller" Date: Thu, 27 Jan 2022 16:07:07 -0600 Subject: [PATCH] extra space --- website/content/partials/pki-forwarding-bug.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/partials/pki-forwarding-bug.mdx b/website/content/partials/pki-forwarding-bug.mdx index d966161f81c7..e759d7b324b6 100644 --- a/website/content/partials/pki-forwarding-bug.mdx +++ b/website/content/partials/pki-forwarding-bug.mdx @@ -3,7 +3,7 @@ A bug introduced in Vault 1.8 causes certificate generation requests to the PKI secrets engine made on a performance secondary node to be forwarded to the cluster's primary node. The resulting certificates are stored on the primary node, and thus visible to list and read certificate requests only on the primary node rather than the secondary node as -intended. Furthermore, if a certificate is subsequently revoked on a performance secondary node, the secondary's +intended. Furthermore, if a certificate is subsequently revoked on a performance secondary node, the secondary's certificate revocation list is updated, rather than the primary's where the certificate is stored. This bug is fixed in Vault 1.8.8 and 1.9.3. Certificates issued after the fix are correctly stored locally to the performance secondary.