Dan Kirkwood created TC-509: ------------------------------- Summary: TO postinstall set default number of secrets to 1 Key: TC-509 URL: https://issues.apache.org/jira/browse/TC-509 Project: Traffic Control Issue Type: Improvement Components: Traffic Ops Affects Versions: 2.1.0, 2.0.0 Reporter: Dan Kirkwood Priority: Trivial Fix For: 2.2.0
postinstall for traffic_ops has default number of secrets to keep as 10. really no need to keep more than 2, and default should be only 1. The list is so if you create a new secret, any outstanding authentication cookies don't immediately get invalidated. So, the process should be to create a new secret, wait until max expiration has passed (during which any new cookies are created using the new secret), then remove the old secret. Old secrets should not be kept any longer than that.... -- This message was sent by Atlassian JIRA (v6.4.14#64029)