Commit Graph

1217 Commits

Author SHA1 Message Date
Mariano Cano
0ac9023590
Fix typo in error message and comment 2024-03-12 14:58:36 -07:00
Mariano Cano
10f6a901ec
Let the CA determine the RA lifetime
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of requiring always 24h.

This commit also fixes linter warnings.

Related to #1094
2024-03-12 14:29:55 -07:00
Herman Slatman
b8510dd5b2
Make the requestid an exported middleware 2024-03-07 10:41:19 +01:00
Herman Slatman
10aa48c74a
Merge pull request #1743 from smallstep/herman/improve-request-id
Improve end-to-end request ID propagation
2024-03-04 13:58:21 +01:00
Herman Slatman
d392c169fc
Improve functional coverage of request ID integration test 2024-03-04 12:00:08 +01:00
Herman Slatman
7e5f10927f
Decouple request ID middleware from logging middleware 2024-02-28 13:18:10 +01:00
Panagiotis Siatras
fb4cd6fe81
fix: Webhook-related instruments
* fix: also instrument webhooks that do not reach the wire
* fix: register the webhook instrumentation
2024-02-27 22:43:45 +02:00
Herman Slatman
041b486c55
Remove usages of Sign without context 2024-02-27 14:16:21 +01:00
Herman Slatman
c16a0b70ee
Remove smallstep/assert and pkg/errors from webhook tests 2024-02-27 13:44:44 +01:00
Herman Slatman
9689508709
Add tests for webhook request IDs 2024-02-27 13:39:21 +01:00
Herman Slatman
2a8b80a3e1
Merge branch 'master' into herman/webhook-request-id 2024-02-27 12:17:10 +01:00
Herman Slatman
bb296c9d19
Merge pull request #1708 from smallstep/herman/csr-expires-header
Add `Expires` header to CRL endpoint
2024-02-15 10:34:34 +01:00
Mariano Cano
ac773ff44e
Merge branch 'master' into allow_external_x509_ca_service_intf 2024-02-14 11:38:39 -08:00
Remi Vichery
ee44ac104d
fixup! Add AWS ca-west-1 identity document certificate 2024-02-13 08:54:24 -08:00
Remi Vichery
283d46d9a7
Add AWS ca-west-1 identity document certificate 2024-02-12 11:27:41 -08:00
Herman Slatman
69f5f8d8ea
Use stretchr/testify instead of smallstep/assert for tests 2024-02-08 14:11:13 +01:00
Herman Slatman
d1deb7f930
Add Expires header to CRL response 2024-02-08 14:10:48 +01:00
Panagiotis Siatras
dd1ff9c15b
Implementation of the Prometheus endpoint (#1669)
Implementation of the http://{metricsAddress}/metrics Prometheus endpoint.
2024-01-25 23:47:27 -08:00
Venky Gopal
fbc1e895c2
Allow x509 Service CA implementation to be injected through ca and authority options 2024-01-21 08:50:09 -05:00
Herman Slatman
25c109e75d
Change error message for CSR validation 2024-01-08 20:05:16 +01:00
Mariano Cano
b20af51f32
Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Max
d34f0f6a97
Fix linter warnings (#1634) 2023-11-28 20:58:58 -08:00
Herman Slatman
f082cbc421
Denormalize provisioner name in SCEP webhook 2023-11-08 20:09:52 +01:00
Herman Slatman
9ebc8779f5
Normalize SCEP provisioner name in webhook body 2023-11-08 19:52:20 +01:00
Herman Slatman
e815864ed8
Add verification of provisionerName in test 2023-11-08 19:46:29 +01:00
Herman Slatman
de45d66cdb
Add provisionerName to webhook request body 2023-11-08 19:43:13 +01:00
Mariano Cano
49045a1150
Change CommonName validator in JWK
This commit changes the common name validator in the JWK provisioner to
accept either the token subject or any of the sans in the token.
2023-10-31 16:44:18 -07:00
Max
9f84f7ce35
Allow for identity certificate signing (in sshSign) by skipping validators (#1572)
- skip urisValidator for identity certificate signing. Implemented
  by building the validator with the context in a hacky way.
2023-10-06 14:02:19 -07:00
Mariano Cano
52baf52f84
Change scep password type to string
This commit changes the type of the decrypter key password to string to
be consistent with other passwords in the ca.json
2023-09-26 10:36:58 -07:00
Herman Slatman
c0fbace882
Address review remarks 2023-09-26 00:00:08 +02:00
Herman Slatman
4dc5a688fd
Set SCEP authority options once 2023-09-25 22:24:13 +02:00
Herman Slatman
15c46ebbaa
Switch logic for SCEP initialization around 2023-09-25 22:00:30 +02:00
Herman Slatman
f1da256ca4
Change SCEP authority initialization 2023-09-25 21:55:19 +02:00
Herman Slatman
4554f86f16
Make SCEP decrypter properties use omitempty 2023-09-25 19:48:12 +02:00
Herman Slatman
ffe079f31b
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Mariano Cano
31da66c124
Fix webhooks signature
This commit fixes the way webhooks signatures are created. Before this
change, the signature of an empty body was prepended by the body itself.
2023-09-22 13:22:52 -07:00
Herman Slatman
3f3b67e05c
Merge branch 'herman/scep-provisioner-decrypter' into herman/scep-notifying-webhook 2023-09-22 12:44:11 +02:00
Herman Slatman
ba72710e2d
Address code review remarks 2023-09-22 12:40:14 +02:00
Herman Slatman
5f8e0de1c3
Fix duplicate import in SCEP provisioner 2023-09-22 11:46:51 +02:00
Herman Slatman
4fd4227b73
Use shorter SCEP decrypter property names from linkedca 2023-09-22 11:44:49 +02:00
Herman Slatman
5fd70af2c8
Make API responses aware of the new SCEP decrypter properties 2023-09-22 11:38:03 +02:00
Herman Slatman
3ade92f8d5
Support both a decrypter key URI as well as PEM 2023-09-22 11:10:22 +02:00
Herman Slatman
b6c95d7be2
Add additional properties to SCEP notify webhook request body 2023-09-21 18:12:13 +02:00
Herman Slatman
63257e0576
Add full certificate DER bytes to success notification webhook 2023-09-21 12:05:58 +02:00
Herman Slatman
52bc96760b
Add SCEP certificate issuance notification webhook 2023-09-21 12:01:03 +02:00
Herman Slatman
a3c9dd796a
Merge branch 'herman/scep-provisioner-decrypter' of github.com:smallstep/certificates into herman/scep-provisioner-decrypter 2023-09-21 09:55:18 +02:00
Herman Slatman
69a53eec33
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-21 09:55:07 +02:00
Dominic Evans
231b5d8406
chore(deps): upgrade github.com/go-chi/chi to v5
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.

See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4

Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
2023-09-20 11:26:32 +01:00
Herman Slatman
4e06bdbc51
Add SignWithContext method to authority and mocks 2023-09-19 16:30:53 +02:00
Herman Slatman
b2301ea127
Remove the webhook Do method 2023-09-19 15:39:54 +02:00