Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,291 Commits
41 Branches
214 Tags
91 MiB
master
mariano/signer
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Commit Graph

397 Commits (master)

Author SHA1 Message Date
Andrew Reed 7101fbb0ee
Provisioner webhooks (#1001) 2 years ago
max furman ffff9af323
linting and fixing review feedback 2 years ago
max furman 7c5e5b2b87
Even more linter fixes 2 years ago
max furman 1e0ea6f958
more linting fixes 2 years ago
Mariano Cano 567d96c771
Revert "Run on plaintext HTTP to support Cloud Run" 
This reverts commit 09b9673a60.
 2 years ago
Brandon Weeks f3d2bd7a19
Run on plaintext HTTP to support Cloud Run 2 years ago
max furman ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2 years ago
Mariano Cano ebce40e9b6 Add new method ACMEClient.ValidateWithPayload 
This new method will be used to validate to validate the device
attestation payload.
 2 years ago
Mariano Cano 23b8f45b37 Address gosec warnings 
Most if not all false positives
 2 years ago
Mariano Cano 6cab4d328e Add a middleware to automatically route HEAD requests to GET 
Fixes #992
 2 years ago
Mariano Cano f1aabaa99c Use functions from os instead of io/ioutil 2 years ago
Mariano Cano a8819376d3 Remove empty lines on debug information 
At the start of step-ca some information about the CA is displayed,
this change remove extra lines when displaying the ssh public keys.
 2 years ago
Shulhan fe04f93d7f
all: reformat all go files with the next gofmt (Go 1.19) 
There are some changes that manually edited, for example using '-' as
default list and grouping imports.
 2 years ago
Herman Slatman a564b4f32e
Merge pull request #944 from smallstep/herman/tls-wasm-client 
Set nil dial context for js/wasm runtime
 2 years ago
Herman Slatman a7dd3a986f
Set nil dial context for js/wasm runtime 2 years ago
Mariano Cano 26dd97e718 Merge branch 'master' into context-authority 2 years ago
Mariano Cano 3c4d0412ef
Merge pull request #941 from smallstep/ssh-provisioner 
Report SSH provisioner
 2 years ago
Mariano Cano eebbd65dd5 Fix linter error 2 years ago
Max f8148071fb
Merge pull request #915 from smallstep/max/removing-beta 
exposing authority configuration for provisioner cli commands
 2 years ago
Mariano Cano 1ad75a3bdb Skip failing test for now 
This test fails randomly on VMs, there's an issue to fix this so
skipping it for now
 2 years ago
max furman bfb406bf70 Fixes for PR review 2 years ago
Mariano Cano f639bfc53b Use contexts on the new PolicyAdminResponder 2 years ago
Mariano Cano d461918eb0 Merge branch 'master' into context-authority 2 years ago
Mariano Cano 62d93a644e Apply base context to test of the ca package 2 years ago
Mariano Cano 9147356d8a Fix linter errors 2 years ago
Mariano Cano d1f75f1720 Refactor ACME api. 2 years ago
Mariano Cano 688f9ceb56 Add scep authority to context. 2 years ago
Mariano Cano 216d8f0efb Handle acme requests with the new api 2 years ago
Mariano Cano 439cb81b13 Use admin Route function 2 years ago
Mariano Cano 8bd4e1d73e Inject the acme database in the context 2 years ago
Mariano Cano 0446e82320 Add context methods for the authority database 2 years ago
Mariano Cano 623c296555 Create context methods from admin database 2 years ago
Mariano Cano d5070ecf31 Use server BaseContext 
Instead of using the authority middleware this change adds the
authority in the base context of the server.
 2 years ago
Mariano Cano a93653ea8e Use api.Route instead of the caHandler. 2 years ago
Mariano Cano 900a640f01 Enable the authority middleware in the server 2 years ago
Herman Slatman 2a7620641f
Fix more PR comments 2 years ago
Herman Slatman 76112c2da1
Improve error creation and testing for core policy engine 2 years ago
max furman b91affdd34 exposing authority configuration for provisioner cli commands 2 years ago
Herman Slatman a3c51881c7
Merge branch 'master' into herman/allow-deny 2 years ago
Herman Slatman b72430f4ea
Block all APIs when using linked deployment mode 2 years ago
Carl Tashian 97b64aa851 Cosmetic fix for consistency in the startup messages 2 years ago
Herman Slatman ad2de16299
Merge branch 'master' into herman/allow-deny 2 years ago
Mariano Cano 4770b405ba Drop any query string from the admin tokens 
This commit makes sure the admin token audience is passed without
a query string (or any fragment).
 2 years ago
Herman Slatman ff8cb19b78
Fix usage of URL in generateAdminToken 2 years ago
Herman Slatman abcad679ff
Merge branch 'master' into herman/allow-deny 2 years ago
Mariano Cano 2fbff47acf Add missing return in test. 2 years ago
Mariano Cano 304bb5b97a Remove unused code. 2 years ago
Mariano Cano 8abd568f03 Merge branch 'master' into fix/adminra 2 years ago
Mariano Cano c55b27a2fc Refactor admin token to use with RAs. 2 years ago
Herman Slatman 034b7943fe
Merge branch 'master' into herman/allow-deny 2 years ago
Herman Slatman 7df52dbb76
Add ACME EAB policy 2 years ago
Carl Tashian 150eee70df Updates based on Herman's feedback 2 years ago
Carl Tashian acc75bc679 Add context name to startup info 2 years ago
Carl Tashian 4b9f44982d Merge branch 'master' into startup-info 2 years ago
Carl Tashian 43f2c655b9 More info on startup 2 years ago
Carl Tashian 7ebb2e4c74
Update ca/ca.go 
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
 2 years ago
Carl Tashian 1ba1584c7a Formatted. 2 years ago
Carl Tashian a13e58e340 Update GetAuthorityInfo -> GetInfo 2 years ago
Carl Tashian 90cb6315b1 Progress. 2 years ago
Carl Tashian 055e75f394 Progress? 2 years ago
Herman Slatman 2fbdf7d5b0
Merge branch 'master' into herman/allow-deny 2 years ago
Herman Slatman 0e052fe299
Add authority policy API 2 years ago
Panagiotis Siatras 00634fb648
api/render, api/log: initial implementation of the packages (#860) 
* api/render: initial implementation of the package

* acme/api: refactored to support api/render

* authority/admin: refactored to support api/render

* ca: refactored to support api/render

* api: refactored to support api/render

* api/render: implemented Error

* api: refactored to support api/render.Error

* acme/api: refactored to support api/render.Error

* authority/admin: refactored to support api/render.Error

* ca: refactored to support api/render.Error

* ca: fixed broken tests

* api/render, api/log: moved error logging to this package

* acme: refactored Error so that it implements render.RenderableError

* authority/admin: refactored Error so that it implements render.RenderableError

* api/render: implemented RenderableError

* api/render: added test coverage for Error

* api/render: implemented statusCodeFromError

* api: refactored RootsPEM to work with render.Error

* acme, authority/admin: fixed pointer receiver name for consistency

* api/render, errs: moved StatusCoder & StackTracer to the render package
 2 years ago
Mariano Cano 750e9ee2f8 Attempt to fix TestBootstrapClientServerRotation 
This change attempts to fix the test TestBootstrapClientServerRotation.
Due to the backdate, the renew options get too large, causing
continuous renewals, and random errors. After experimenting with
different options, truncating durations to seconds have shown better
results than rounding or just use the plain time.
 2 years ago
Mariano Cano 5ab79f53be Fix linter errors 2 years ago
Herman Slatman dc23fd23bf
Merge branch 'master' into herman/allow-deny-next 2 years ago
Mariano Cano ba0b170818 Attempt to fix TestBootstrapClientServerRotation 
This change attempts to fix the test TestBootstrapClientServerRotation.
Due to the backdate, the renew options get too large, causing
continuous renewals, and random errors. After experimenting with
different options, truncating durations to seconds have shown better
results than rounding or just use the plain time.
 2 years ago
Carl Tashian f20784be56 format 2 years ago
Carl Tashian 91be50cf70 Add --quiet flag 2 years ago
Carl Tashian 91a25b52bd Print discord 2 years ago
Carl Tashian baf3c40fef Print some basic configuration info on startup 2 years ago
Mariano Cano ad8a813abe Fix linter errors 2 years ago
Panagiotis Siatras e6b2359273
ca: fixed import statement order 2 years ago
Panagiotis Siatras 9ba33bab4e
ca: refactored to use the read package 2 years ago
Mariano Cano 915911efb6 Disable http loggers in test. 
They hide the test that fail on tests in the CI.
 2 years ago
Mariano Cano ead742ca0f Fix unit test 2 years ago
Herman Slatman 81b0c6c37c
Add API implementation for authority and provisioner policy 2 years ago
Mariano Cano 6dcde8a743 Fix typo 2 years ago
Mariano Cano a4dd586a81 Add method to get the CA url from the client. 2 years ago
Mariano Cano 616490a9c6 Refactor renew after expiry token authorization 
This changes adds a new authority method that authorizes the
renew after expiry tokens.
 2 years ago
Mariano Cano 41ea67ce10 Attempt to fix a bootstrap tests 2 years ago
Herman Slatman 4ebf43c011
Merge pull request #820 from smallstep/herman/acme-api 
Refactor ACME Admin API
 2 years ago
Herman Slatman 5cb23c6029
Merge pull request #804 from smallstep/herman/normalize-ipv6-dns-names 
Normalize IPv6 hostname addresses
 2 years ago
Herman Slatman d00729df0b
Refactor ACME Admin API 2 years ago
Chris Crook 11637b5793 Add descriptive provisioner JWK decryption error messages 
Wrap other errors in decryption process with more helpful messaging.  This should help users troubleshoot misconfiguration more easily.

Fixes #816
 2 years ago
Herman Slatman bfa2245abb
Merge branch 'master' into herman/normalize-ipv6-dns-names 2 years ago
Herman Slatman c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes 2 years ago
Herman Slatman fd9845e9c7
Add cursor and limit to ACME EAB DB interface 2 years ago
Herman Slatman 716b946e7a
Normalize IPv6 hostname addresses 2 years ago
Herman Slatman 64680bb16d
Fix PR comments 2 years ago
Herman Slatman 3612eefc31
Cleanup 2 years ago
Herman Slatman 9c6580ccd2
Fix macOS SCEP client issues 
Fixes #746
 2 years ago
Herman Slatman 30859d3c83
Remove server-side paging logic for ExternalAccountKeys 2 years ago
Herman Slatman 6929e31fe0
Merge branch 'master' into hs/acme-eab 2 years ago
Herman Slatman 22ff90f655
Merge branch 'master' into hs/acme-eab 2 years ago
Herman Slatman 07addd0cac
Fix linting issue 2 years ago
Herman Slatman a68208a3ba
Set Step CLI User-Agent when performing ACME requests 2 years ago
Mariano Cano 2c63abcf52 fix grammar 2 years ago
Mariano Cano 7c4e6dcc96 Remove duplicated code in bootstrap methods 2 years ago
Mariano Cano 64c19d4264 Fix subject in test, use ip 2 years ago