Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,804 Commits 37 Branches 223 Tags 44 MiB
26e7cc6177
Commit Graph

172 Commits

Author SHA1 Message Date
Mariano Cano
26e7cc6177 Allow to use the SDK with ed25519 keys. 2021-05-06 18:10:12 -07:00
max furman
8c709fe3c2 Init config on load | Add wrapper for cli 2021-05-04 14:45:11 -07:00
Mariano Cano
5846314f88 Add missing Rekey method to the ca.Client 
Fixes #315
 2021-04-29 16:06:45 -07:00
Mariano Cano
1328aa3e47 Fix review comments. 2021-04-26 18:45:46 -07:00
Mariano Cano
50b9aaec57 Add new identity tests. 2021-04-21 18:07:59 -07:00
Mariano Cano
e414d0c8ea Fix unit tests. 2021-04-21 16:20:53 -07:00
Mariano Cano
c5234e9c61 Refactor tls tunnel connections. 
New method will use an identity-like file with the configuration
used to create the (m)TLS connection to the tunnel.
 2021-04-21 16:20:53 -07:00
Mariano Cano
e75a9409a5 Add experimental support for a TLS over TLS tunnel. 2021-04-21 16:20:53 -07:00
Mariano Cano
02a5879cfe Specify always a Proxy in all custom transports. 
Fixes #535
 2021-04-14 19:35:31 -07:00
max furman
93c3c2bf2e Error handle non existent provisioner downstream and disable debug route logging 2021-04-14 15:35:43 -07:00
max furman
b1888fd34d Use different method for unescpaed paths for the router 2021-04-14 15:11:15 -07:00
Max
b724af30ad
Merge pull request #496 from smallstep/max/acme 
Convert to ACME DB interface
 2021-04-13 15:02:03 -07:00
max furman
672e3f976e Few ACME fixes ... 
- always URL escape linker output
- validateJWS should accept RSAPSS
- GetUpdateAccount -> GetOrUpdateAccount
 2021-04-12 19:06:07 -07:00
max furman
df05340521 fixing broken unit tests 2021-03-25 12:05:46 -07:00
max furman
f72b2ff2c2 [acme db interface] nosql authz unit tests 2021-03-25 12:05:46 -07:00
max furman
074ab7b221 [acme db interface] add linker tests 2021-03-25 12:05:46 -07:00
max furman
bb8d54e596 [acme db interface] unit tests compiling 2021-03-25 12:05:46 -07:00
max furman
fc395f4d69 [acme db interface] compiles! 2021-03-25 12:05:46 -07:00
max furman
80a6640103 [acme db interface] wip 2021-03-25 12:05:46 -07:00
Mariano Cano
8c8c160c92 Fix method name in comment. 2021-03-25 11:06:37 -07:00
Mariano Cano
bdeb0ccd7c Add support for the flag --issuer-password-file 
The new flag allows to pass a file with the password used to decrypt
the key used in RA mode.
 2021-03-24 14:53:19 -07:00
Mariano Cano
5be86691c1 Fix unit tests in Go 1.16. 2021-02-23 15:29:56 -08:00
Mariano Cano
b487edbd13 Clarify comment. 2021-02-11 17:38:14 -08:00
Mariano Cano
fbd2208044 Close key manager for safe reloads when a cgo module is used. 2021-02-01 17:14:44 -08:00
Mariano Cano
40d0596b71 Use smallstep/cli-utils instead of smallstep/cli 2020-10-29 13:10:03 -07:00
Mariano Cano
ba918100d0 Use go.step.sm/crypto/jose 
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
 2020-08-24 14:44:11 -07:00
Mariano Cano
d30a95236d Use always go.step.sm/crypto 2020-08-14 15:33:50 -07:00
Mariano Cano
533ad0ca20 Use always go.step.sm/crypto/x509util 2020-08-11 17:59:33 -07:00
Mariano Cano
4943ae58d8 Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates. 2020-08-10 15:29:18 -07:00
Mariano Cano
e83e47a91e Use sshutil and randutil from go.step.sm/crypto. 2020-08-10 11:26:51 -07:00
Mariano Cano
6c64fb3ed2 Rename provisioner options structs: 
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
 2020-07-22 18:24:45 -07:00
Mariano Cano
44207523be Add missing tests. 2020-07-21 14:21:54 -07:00
Mariano Cano
0c8376a7f6 Fix existing unit tests. 2020-07-21 14:21:54 -07:00
max furman
1951669e13 wip 2020-06-23 11:10:45 -07:00
max furman
6e69f99310 Always set nbf and naf for new ACME orders ... 
- Use the default value from the ACME provisioner if values are not
defined in the request.
 2020-05-22 10:31:58 -07:00
Mariano Cano
9f1d95d8bf Fix renew of certificate at the start of the server. 2020-05-07 18:21:11 -07:00
Mariano Cano
1d7ab9145a Avoid lint error. 2020-03-24 14:33:01 -07:00
Mariano Cano
0b62ce9d0e Use go 1.13 to build certificates. 2020-03-24 14:23:02 -07:00
max furman
495e60a44b Extraneous fmt.Sprintf 2020-03-23 12:15:46 -07:00
Mariano Cano
349bca06bb Fix line error due to deprecated DialTLS. 2020-03-05 15:11:03 -08:00
Mariano Cano
f5d2f92099 Load identity certificate from disk in each connection. 2020-03-04 15:02:17 -08:00
Ivan Bertona
9052da66a3 Fix linter, tidy go.mod file. 2020-02-07 14:42:56 -05:00
Mariano Cano
3d6a18180e Fix a couple of race conditions in the renewal of certificates. 2020-01-28 13:29:40 -08:00
max furman
1cb8bb3ae1 Simplify statuscoder error generators. 2020-01-28 13:29:40 -08:00
max furman
dccbdf3a90 Introduce generalized statusCoder errors and loads of ssh unit tests. 
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
 2020-01-28 13:29:40 -08:00
Mariano Cano
a025f72af7 Disable backdata on ca tests. 2020-01-28 13:29:39 -08:00
Mariano Cano
a88ba8eb31 Use errs package for HTTP errors. 2020-01-28 13:29:39 -08:00
Mariano Cano
47f4ac1b53 Add method to just write the identity certificate. 2020-01-28 13:29:39 -08:00
Mariano Cano
14e59775bd Add method to renew the identity. 2020-01-28 13:29:39 -08:00
max furman
9aafe265d0 Should be returning nil from applyIdentity if cert expired. 2020-01-28 13:29:39 -08:00