smallstep-certificates

mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00

Author	SHA1	Message	Date
Mariano Cano	e12f6fcc84	Complete phrase in step-ca export help.	2021-08-23 15:24:13 -07:00
Mariano Cano	61b8bfda1a	Fix comment typos.	2021-08-23 15:18:54 -07:00
Mariano Cano	568fce201a	Enforce identity cert to match ssh cert on renewals.	2021-08-23 15:15:36 -07:00
max furman	a3028bbc0e	Add test for updateAddOrderIDs	2021-08-18 23:44:57 -07:00
Mariano Cano	31d3bf1cfc	Update discord link	2021-08-18 18:50:31 -07:00
Carl Tashian	050b233d43	Merge branch 'docker-init'	2021-08-18 13:43:19 -07:00
Carl Tashian	f738cb43c3	Make the default provisioner name optional; change DNS names variable name	2021-08-18 13:37:58 -07:00
Carl Tashian	7f2516f33d	Merge pull request #678 from smallstep/docker-init New Dockerfile with entrypoint script for easy CA init	2021-08-18 12:54:00 -07:00
Carl Tashian	4e8e4c638e	Add newline to password file for readabiliy	2021-08-18 12:50:14 -07:00
max furman	f53f78974e	Badger bump to fix issue with caddy build	2021-08-18 11:38:31 -07:00
Carl Tashian	bc63829111	Auto-generate password by default	2021-08-18 11:11:05 -07:00
Carl Tashian	7ab26c8303	Auto-generate password by default	2021-08-18 11:09:26 -07:00
Mariano Cano	33b6d4c3c8	Merge pull request #677 from smallstep/go1.17 Go 1.17 compatibility	2021-08-18 09:54:36 -07:00
Carl Tashian	b88b2f9808	Just adding a comment to the step-ra install script	2021-08-18 08:46:37 -07:00
Carl Tashian	8d52379771	New Dockerfile with entrypoint script for easy CA init	2021-08-17 17:17:28 -07:00
Mariano Cano	dc5205cc72	Extract the tls error code and fail accordingly.	2021-08-17 17:06:25 -07:00
Mariano Cano	ae58a0ee4e	Make tests compatible with Go 1.17. With Go 1.17 tls.Dial will fail if the client and server configured protocols do not overlap. See https://golang.org/doc/go1.17#ALPN	2021-08-17 16:31:53 -07:00
Mariano Cano	abd78e2d2a	Make kms uri compatible with Go 1.17. Go 1.17 introduces a change in the net/url package disallowing the use of semicolon (;) in URL queries. We used url.ParseQuery to decode the opaque string that is semicolon separated. This change replaces the semicolon with ampersands before decoding it.	2021-08-17 13:25:55 -07:00
Mariano Cano	a864f0134d	Fix key version when SHA512WithRSA is used. There was a typo creating RSA keys with SHA256 digests instead of SHA512	2021-08-16 14:47:38 -07:00
Mariano Cano	b1f59586ab	Update message to align with UI.	2021-08-13 11:59:12 -07:00
Mariano Cano	e3ef4a7da9	Update test with default tls options.	2021-08-11 15:42:22 -07:00
Mariano Cano	da2802504b	Use Default min version if not specified.	2021-08-11 15:33:45 -07:00
Mariano Cano	456ffd8806	Use linkedca v0.5.0	2021-08-11 15:33:34 -07:00
Mariano Cano	6a7ea71f19	Merge pull request #672 from smallstep/azure-tofu Allow the reuse of azure tokens if DisableTrustOnFirstUse is true	2021-08-11 15:03:47 -07:00
Mariano Cano	d4ae267add	Fix ErrAllowTokenReuse comment.	2021-08-11 14:59:26 -07:00
Mariano Cano	9e5762fe06	Allow the reuse of azure token if DisableTrustOnFirstUse is true Azure caches tokens for 24h and we cannot issue a new certificate for the same instance in that period of time. The meaning of this parameter is to allow the signing of multiple certificate in one instance. This is possible in GCP, because we get a new token, and is possible in AWS because we can generate a new one. On Azure there was no other way to do it unless you wait for 24h. Fixes #656	2021-08-11 11:50:54 -07:00
Mariano Cano	66f6c73655	Update badger driver to use v2 by default.	2021-08-11 11:19:29 -07:00
Mariano Cano	492ff4b632	Ask for the first provisioner password if none is provided.	2021-08-10 17:30:33 -07:00
Mariano Cano	28e882c9b3	Add deployment type to export.	2021-08-10 17:14:17 -07:00
Mariano Cano	072ba4227c	Add deployment type to config. This field is ignored except for the start of the ca. If the type is linked and the token is not passed, it will fail with an error.	2021-08-10 17:07:15 -07:00
Mariano Cano	56bb3eb6e1	Add next steps for linked ca.	2021-08-10 14:54:31 -07:00
Mariano Cano	47a30f1524	Add JWK provisioner to generic config. Fix linter errors.	2021-08-06 14:58:03 -07:00
Mariano Cano	536536c92d	Wrap json errors.	2021-08-06 14:55:17 -07:00
Mariano Cano	640f523150	Remove unused function.	2021-08-06 14:31:49 -07:00
Mariano Cano	9d51c2cceb	Fix linter errors in the name of export methods.	2021-08-06 14:29:54 -07:00
Mariano Cano	16d3afb92a	Remove unused method.	2021-08-06 12:37:20 -07:00
Mariano Cano	d72fa953ac	Remove debug statements.	2021-08-05 18:50:18 -07:00
Mariano Cano	3f07eb597a	Implement revocation using linkedca.	2021-08-05 18:45:50 -07:00
Mariano Cano	81004ce1f9	Remove deprecated functions.	2021-08-05 17:36:18 -07:00
Mariano Cano	f643af7095	Update onboarding flow with new pki package.	2021-08-05 15:57:48 -07:00
Mariano Cano	79cf059447	Remove deprecated methods and write all pki files at once.	2021-08-05 15:57:13 -07:00
Mariano Cano	ad4dbd6764	Write all files on save.	2021-08-05 12:58:54 -07:00
Mariano Cano	50f7a0d0c0	Work in progress implementation of PKI with helm support	2021-08-04 20:15:26 -07:00
Mariano Cano	798b90c359	Move linkedca configuration to the main package.	2021-08-04 20:15:04 -07:00
Mariano Cano	de719eb6f0	Add an option to avoid password prompts on step cas When we are using `step ca init` to create a stepcas RA we don't have access to the password for verify the provisioner.	2021-08-04 16:16:35 -07:00
Mariano Cano	de292fbed6	Use branch version of linkedca.	2021-08-02 16:08:54 -07:00
Mariano Cano	721459210e	Make pki initialization more flexible.	2021-08-02 16:07:30 -07:00
Mariano Cano	384be6e205	Do not show provisioners if they are not required. For deployment types like linked ca, the list of provisioners in the ca.json are not required, so we should tag the json as omitempty.	2021-08-02 15:34:39 -07:00
Mariano Cano	b0e0f2b89d	Use linkedca GetAdmin and GetProvisioner.	2021-08-02 14:45:59 -07:00
Mariano Cano	91a369f618	Automatically enable admin properly on linked cas.	2021-08-02 12:13:39 -07:00

... 3 4 5 6 7 ...

2290 Commits