Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,019 Commits
40 Branches
214 Tags
92 MiB
master
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'herman/configure-server-http-timeout'
${ noResults }
Commit Graph

4019 Commits (herman/configure-server-http-timeout)
 

Author SHA1 Message Date
github-actions[bot] 4ded102f81
Merge pull request #1503 from smallstep/dependabot/go_modules/golang.org/x/net-0.14.0 
Bump golang.org/x/net from 0.13.0 to 0.14.0
 10 months ago
dependabot[bot] 91ef511e65
Bump github.com/newrelic/go-agent/v3 from 3.23.1 to 3.24.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.23.1 to 3.24.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.23.1...v3.24.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
dependabot[bot] e074b77243
Bump golang.org/x/net from 0.13.0 to 0.14.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/net/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
Herman Slatman e182c620c8
Merge branch 'master' into herman/scep-provisioner-decrypter 10 months ago
Herman Slatman 645b6ffc18
Ensure no prompt is fired for loading provisioner decrypter 10 months ago
Herman Slatman 6de964f13a
Merge pull request #1495 from smallstep/herman/acme-attestation-errors 
Return more detailed errors to ACME clients using `device-attest-01`
 10 months ago
Mariano Cano bdc7b1b691
Merge pull request #1501 from smallstep/safe-save 
Write configuration only if encoding succeeds
 10 months ago
Herman Slatman 0d09f3e202
Prevent data races with multiple PKCS7 encryption operations 10 months ago
Herman Slatman cbc1be310d
Merge branch 'master' into herman/acme-attestation-errors 10 months ago
Herman Slatman c952e9fc9d
Use `NewDetailedError` instead 10 months ago
Mariano Cano 30ce9e65f7
Write configuration only if encoding succeeds 
This commit fixes a problem when the ca.json is truncated if the
encoding of the configuration fails. This can happen by adding a new
provisioner with bad template data.

Related to smallstep/cli#994
 10 months ago
Herman Slatman e2e9bf5494
Clarify some SCEP properties 10 months ago
Herman Slatman 70626b157d
Merge branch 'master' into herman/scep-provisioner-decrypter 10 months ago
Mariano Cano 47d820561f
Merge pull request #1500 from smallstep/upgrade-crypto 
Fix adding certificate templates with ASN.1 functions
 10 months ago
Mariano Cano 4667060df8
Upgrade golang.org/x/net 
This commit fixes the vulnerability GO-2023-1988, improper rendering of
text nodes in golang.org/x/net/html.

More info: https://pkg.go.dev/vuln/GO-2023-1988
 10 months ago
Mariano Cano 103b4e1cf1
Fix adding certificate templates with ASN.1 functions 
This commit upgrades go.step.sm/crypto with a fix to validate the
templates that use custom functions.
 10 months ago
Herman Slatman 4186b2c2d0
Change JSON marshaling for SCEP provisioners 
Instead of the old method that redacted sensitive information
by overriding the value of the property and changing it back
to the original, the API now uses a model specifically meant
for API responses. This prevents potential race conditions.

This may be iterated on a bit so that we don't need to rely
on the [provisioner.Interface] interface, which requires the
API model to implement unnecessary methods.
 10 months ago
Herman Slatman d754000a68
Fix SCEP provisioner API test 10 months ago
Herman Slatman c0a1837cd9
Verify full decrypter/signer configuration at usage time 
When changing the SCEP configuration it is possible that one
or both of the decrypter configurations required are not available
or have been provided in a way that's not usable for actual SCEP
requests.

Instead of failing hard when provisioners are loaded,
which could result in the CA not starting properly, this type of
problematic configuration errors will now be handled at usage
time instead.
 10 months ago
Herman Slatman 88ed900dc3
Rely on the latest linkedca 10 months ago
Herman Slatman 0f35bb1af5
Defer missing decrypter/signer configuration errors to SCEP authority 10 months ago
Herman Slatman afdd8d3786
Upgrade `golang.org/x/net` to `v0.13.0` 10 months ago
Herman Slatman f3c24fe875
Change how multiple identifiers are printed in errors 10 months ago
Herman Slatman 4496830859
Merge branch 'master' into herman/acme-attestation-errors 10 months ago
Herman Slatman fc1fb51854
Improve SCEP authority initialization and reload 10 months ago
Herman Slatman 7163c4f95f
Add helper for getting the appropriate SCEP response signer 10 months ago
Herman Slatman 59b7419dcf
Rely on latest `linkedca` commit with `SCEPDecrypter` support 10 months ago
Herman Slatman 569a1be12c
Merge branch 'master' into herman/scep-provisioner-decrypter 10 months ago
github-actions[bot] c07124e374
Merge pull request #1499 from smallstep/dependabot/go_modules/google.golang.org/api-0.134.0 
Bump google.golang.org/api from 0.132.0 to 0.134.0
 10 months ago
dependabot[bot] 74240092e9
Bump google.golang.org/api from 0.132.0 to 0.134.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.132.0 to 0.134.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.132.0...v0.134.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
github-actions[bot] edd718d89e
Merge pull request #1498 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.57.0 
Bump google.golang.org/grpc from 1.56.2 to 1.57.0
 10 months ago
dependabot[bot] a8b67cd9e6
Bump google.golang.org/grpc from 1.56.2 to 1.57.0 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.2...v1.57.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
Herman Slatman a0cdad335d
Add test for `WithAdditionalErrorDetail` 10 months ago
Herman Slatman 9a52675865
Return descriptive error when using unsupported format 10 months ago
Herman Slatman 0d3338ff3a
Return consistent ACME error types for specific cases 10 months ago
Herman Slatman df22b8a303
Cleanup some leftover TODOs 10 months ago
Mariano Cano d8a9c69eaa
Merge pull request #1484 from smallstep/fix-620 
Add support for the disableSmallstepExtensions claim
 10 months ago
Herman Slatman dd9bf1e915
Add error details for the `step` format 10 months ago
Herman Slatman 9cbbd1d575
Add error details to ACME `tpm` format validation errors 10 months ago
Herman Slatman d5dd8feccd
Prevent internal errors from being returned to ACME clients 10 months ago
Herman Slatman 979e0f8f51
Add error details to select error cases for `apple` format 10 months ago
Mariano Cano d0fd9ebe42
Update Makefile preparing for a new release 10 months ago
Mariano Cano cce7d9e839
Address comments from code review 10 months ago
Mariano Cano c7c7decd5e
Add support for the disableSmallstepExtensions claim 
This commit adds a new claim to exclude the Smallstep provisioner
extension from the generated certificates.

Fixes #620
 10 months ago
Mariano Cano d7efceadb1
Merge pull request #1493 from smallstep/steppath 
Remove automatic initialization of the STEPPATH
 10 months ago
Mariano Cano 7429008599
Use tagged versions of crypto and cli-utils 10 months ago
Herman Slatman 1ce80cf740
Merge branch 'master' into herman/scep-provisioner-decrypter 10 months ago
Herman Slatman 567fc25404
Use the RSA decryption configuration for signing responses too 10 months ago
Mariano Cano 7061147885
Use step.Abs to load the certificate templates 
step.Abs has been removed from crypto and they need to be set when those
methods are used
 10 months ago
Mariano Cano 40a2f53589
Remove automatic initialization of the STEPPATH 
This commit upgrades cli-utils and crypto packages that remove the
automatic initialization of the STEPPATH.
 10 months ago