Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,647 Commits
41 Branches
215 Tags
93 MiB
master
fix-1637
dependabot/go_modules/github.com/slackhq/nebula-1.9.3
dependabot/go_modules/github.com/google/go-tpm-0.9.1
wire-acme-extensions
mariano/init-provisioners
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.26.2
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'max/nebula-sign-curve'
${ noResults }
Commit Graph

203 Commits (max/nebula-sign-curve)

Author SHA1 Message Date
Max df13351586
Merge pull request #1381 from smallstep/max/go-1.19 
Bump go.mod golang version to 1.19
 1 year ago
max furman 8b256f0351
address linter warning for go 1.19 1 year ago
Herman Slatman 017c3273ef
Merge pull request #1374 from smallstep/herman/log-ssh-certificate 
Log SSH certificates
 1 year ago
Herman Slatman f17bfdf57d
Reformat the SSH certificate logging output for read- and parsability 1 year ago
Herman Slatman 4c56877d97
Add SSH certificate logging to renew and rekey too 1 year ago
Panagiotis Siatras 2139121683
optimized render.JSON (#929) 
* api/render: render JSON directly to the underlying writer

* also consider json.MarshalerError a panic
 1 year ago
Herman Slatman 81140f859c
Fix `valid-from` and `valid-to` times 1 year ago
Herman Slatman 39e658b527
Add test for `LogSSHCertificate` 1 year ago
Herman Slatman 922f702da3
Add logging for SSH certificate issuance 1 year ago
Herman Slatman f9ec62f46c
Merge branch 'master' into herman/improve-scep-marshaling 1 year ago
Panagiotis Siatras d797941137
do not render CRLs in memory (#1373) 1 year ago
Herman Slatman c365d8580e
Move provisioner marshaling logic to api package 2 years ago
Herman Slatman b8c306ebfa
Refactor tests stylistically 2 years ago
Panagiotis Siatras 9197de3e96
api/log: removed dependency to certificates/logging 2 years ago
Panagiotis Siatras b7f4881972
merged log tests 2 years ago
Herman Slatman 27bbc3682b
Improve error log test readability 2 years ago
Herman Slatman 362be72120
Fix `StackTracedError` logging 
When running with `STEPDEBUG=1`, a response with a `StackTracedError`
would result in a nil pointer error. This commit fixes the check and
adds a test case.
 2 years ago
Mariano Cano c7f226bcec
Add support for renew when using stepcas 
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
 2 years ago
Mariano Cano 59775fff0c
Merge branch 'master' into crl-support 2 years ago
max furman 66858a3870
No longer need to ignore context warnings when context in request 
- after upgrade to golangci-lint 1.50.0
 2 years ago
Raal Goff d0e81af524 Merge branch 'master' into crl-support 2 years ago
max furman 4c7a2ce3eb
Fix errors.As linter warnings 2 years ago
max furman 7c5e5b2b87
Even more linter fixes 2 years ago
max furman 1e0ea6f958
more linting fixes 2 years ago
max furman ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2 years ago
Mariano Cano 221e756f40 Use render.Error on crl endpoint 2 years ago
Raal Goff d2483f3a70 Merge branch 'master' into crl-support 
# Conflicts:
#	authority/config/config.go
 2 years ago
Mariano Cano 23b8f45b37 Address gosec warnings 
Most if not all false positives
 2 years ago
Mariano Cano 2db15e4eb5 Remove unnecessary log entries 
These log entries add CodeQL warnings and are not necessary because
our default http.ResponseWriter allows adding log entries.
 2 years ago
max furman 1dd0d7d0ee Update bad serial error to be more specific 2 years ago
max furman 7052a32c2c Validate revocation serial number 2 years ago
Raal Goff 9fa5f46213 add minor doco, Test_CRLGeneration(), fix some issues from merge 2 years ago
Raal Goff 60671b07d7 Merge branch 'master' into crl-support 
# Conflicts:
#	api/api.go
#	authority/config/config.go
#	cas/softcas/softcas.go
#	db/db.go
 2 years ago
Mariano Cano 1be74eca62 Merge branch 'master' into ssh-renew-provisioner 2 years ago
Mariano Cano 6b3a8f22f3 Add provisioner to SSH renewals 
This commit allows to report the provisioner to the linkedca when
a SSH certificate is renewed.
 2 years ago
Mariano Cano d461918eb0 Merge branch 'master' into context-authority 2 years ago
Mariano Cano 43ddcf2efe Do not use deprecated AuthorizeSign 2 years ago
Herman Slatman 2b7f6931f3
Change Subject Common Name verification 
Subject Common Names can now also be configured to be allowed or
denied, similar to SANs. When a Subject Common Name is not explicitly
allowed or denied, its type will be determined and its value will be
validated according to the constraints for that type of name (i.e. URI).
 2 years ago
Mariano Cano 48e2fabeb8 Add authority.MustFromContext 2 years ago
Mariano Cano 817af3d696 Fix unit tests on the api package 2 years ago
Mariano Cano a93653ea8e Use api.Route instead of the caHandler. 2 years ago
Mariano Cano a6b8e65d69 Retrieve the authority from the context in api methods. 2 years ago
Herman Slatman 74a6e59b1f
Add tests for ProtoJSON and bad proto messages 2 years ago
Herman Slatman bddd08d4b0
Remove "proto:" prefix from bad proto JSON messages 2 years ago
Herman Slatman a2cfbe3d54
Fix (part of) PR comments 2 years ago
Herman Slatman 6532c93303
Improve read.ProtoJSON bad protobuf body error handling 2 years ago
Herman Slatman def9438ad6
Improve handling of bad JSON protobuf bodies 2 years ago
Herman Slatman 30d5d89a13
Improve test coverage for Policy Admin API 2 years ago
Raal Goff 49c41636cc implemented some requested changes 2 years ago
Raal Goff 53dbe2309b implemented some requested changes 2 years ago