60 Commits (master)

Author SHA1 Message Date
Joe Doss 14c9de2570
Enable tpmkms. 1 month ago
Max 116ff8ed65
bump go.mod to go1.20 and associated linter fixes (#1518) 8 months ago
Mariano Cano 40a2f53589
Remove automatic initialization of the STEPPATH
This commit upgrades cli-utils and crypto packages that remove the
automatic initialization of the STEPPATH.
9 months ago
max furman 7c1c32d86b
Fix linting errors 1 year ago
Mariano Cano da95c44943
Fix lint issue with Go 1.20 1 year ago
Mariano Cano 1f4443d858
Support to ask for key password after crypto change
A change in crypto will remove the dependency of the ui package
used for prompting passwords.
2 years ago
max furman ffff9af323
linting and fixing review feedback 2 years ago
max furman 1e0ea6f958
more linting fixes 2 years ago
max furman ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2 years ago
Mariano Cano 23b8f45b37 Address gosec warnings
Most if not all false positives
2 years ago
Mariano Cano 369b8f81c3 Use go.step.sm/crypto/kms
Fixes #975
2 years ago
Mariano Cano 37b521ec6c
Merge branch 'master' into feat/vault 2 years ago
Panagiotis Siatras 6d4d4560df
add --context flag to step-ca command (#851)
* added the --context flag

* apply the context and allow for different ca.json

* amended usage for consistency

* added an extra example

* added an extra example

* reordered and reworded examples
2 years ago
Mariano Cano c0525381eb Merge branch 'master' into feat/vault 2 years ago
Herman Slatman af17b6a6f3
Make copyright year dynamic 2 years ago
Ahmet DEMIR 16390694e1
feat(vault): adding hashicorp vault cas 2 years ago
max furman 10db335f13 mv pkg config -> step 2 years ago
Mariano Cano e15b5faf7d Merge branch 'master' into keyvault 3 years ago
max furman 933b40a02a Introduce gocritic linter and address warnings 3 years ago
Mariano Cano 205148ad1f Fix exit after defer. 3 years ago
Mariano Cano 48549bf317 Initialize windows terminal on all binaries. 3 years ago
Mariano Cano d02cb1c869 Enable azurekms. 3 years ago
Mariano Cano cfe08ad6fe Add flags to usage. 3 years ago
Mariano Cano e727532963 Fix wrong format of the first flag on `step-ca --help` 3 years ago
Mariano Cano bdeb0ccd7c Add support for the flag --issuer-password-file
The new flag allows to pass a file with the password used to decrypt
the key used in RA mode.
3 years ago
Mariano Cano a6115e29c2 Add initial implementation of StepCAS.
StepCAS allows to configure step-ca as an RA using another step-ca
as the main CA.
3 years ago
Mariano Cano 8dca652bc7 Add support for PKCS #11 KMS.
The implementation works with YubiHSM2. Unit tests are still pending.

Fixes #301
3 years ago
Anton Lundin 3e6137110b Add support for using ssh-agent as a KMS
This adds a new KMS, SSHAgentKMS, which is a KMS to provide signing keys
for issuing ssh certificates signed by a key managed by a ssh-agent. It
uses the golang.org/x/crypto package to get a native Go implementation
to talk to a ssh-agent.

This was primarily written to be able to use gpg-agent to provide the
keys stored in a YubiKeys openpgp interface, but can be used for other
setups like proxying a ssh-agent over network.

That way the signing key for ssh certificates can be kept in a
"sign-only" hsm.

This code was written for my employer Intinor AB, but for simplicity
sake gifted to me to contribute upstream.

Signed-off-by: Anton Lundin <glance@acc.umu.se>
4 years ago
Mariano Cano 40d0596b71 Use smallstep/cli-utils instead of smallstep/cli 4 years ago
Mariano Cano 647b9b4541
Merge pull request #367 from smallstep/cas
Support for CAS Interface and CloudCAS
4 years ago
Carl Tashian fd07e25e61 Change Gitter links to GH Discussions tab 4 years ago
Mariano Cano 1b1f73dec6 Early attempt to develop a CAS interface. 4 years ago
Mariano Cano ddb4ca7a74 Move load of kms to main package.
With this change packages that import the authority won't load by
default all the supported kms with all its dependencies.

Fixes #228
4 years ago
Mariano Cano 869ef70211
Merge pull request #172 from 256dpi/master
Added Resolver Option
4 years ago
Sebastian Tiedtke f2b95647f3 Use date range in copyright 4 years ago
Joël Gähwiler 445fcbe621 added resolver 4 years ago
Mariano Cano 4d423137f0 Re-enable profiler. 4 years ago
Mariano Cano c60641701b Add version endpoint. 4 years ago
Alan Christopher Thomas 8f08b47a9c Rough wiring for basics of connecting to onboarding flow 4 years ago
Mariano Cano 5013f7ffe0 Move ca commands to its own package. 5 years ago
Mariano Cano 0efae31a29 Generate PKI and start server using onboarding. 5 years ago
Mariano Cano bca5dcc326 Remove url from error message. 5 years ago
Mariano Cano 0c654d93ea Create method for onboard action and clean code. 5 years ago
Alan Christopher Thomas c0d1399c38 Change onboarding bootstrap command to step-ca onboard
cc @sourishkrout @maraino
5 years ago
Alan Christopher Thomas 7c0622e50e Make note about adding "admin" JWT provisioner 5 years ago
Alan Christopher Thomas 21baa69473 Fix linting errors and remove useless code 5 years ago
Alan Christopher Thomas 15f2935db1 Rough wiring for basics of connecting to onboarding flow 5 years ago
Mariano Cano 10e7b81b9f Merge branch 'master' into ssh-ca 5 years ago
max furman e3bd2d0e2b Custom AppHelpTemplate for step-ca 5 years ago
Mariano Cano 00ebee870b Do not show value on boolean flags help. 5 years ago