Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,967 Commits 37 Branches 223 Tags 44 MiB
4e19aa4c52
Commit Graph

137 Commits

Author SHA1 Message Date
Raal Goff
924082bb49 fix linter errors 2022-09-08 10:09:37 +08:00
Raal Goff
d2483f3a70 Merge branch 'master' into crl-support 
# Conflicts:
#	authority/config/config.go
 2022-09-08 09:45:04 +08:00
Mariano Cano
8bd0174251 Rename field to IsCAServerCert 2022-08-11 15:14:26 -07:00
Mariano Cano
5df1694250 Add endpoint id for the RA certificate 
In a linked RA mode, send an endpoint id to group the server
certificates.
 2022-08-11 14:47:11 -07:00
Mariano Cano
eb091aec54 Simplify field names for ProvisionerInfo 2022-08-10 17:44:14 -07:00
Mariano Cano
6b5d3dca95 Add provisioner name to RA info 2022-08-03 18:44:04 -07:00
Mariano Cano
f9df8ac05f Remove unused interface 2022-08-03 12:03:49 -07:00
Mariano Cano
9408d0f24b Send RA provisioner information to the CA 2022-08-02 19:28:49 -07:00
Raal Goff
60671b07d7 Merge branch 'master' into crl-support 
# Conflicts:
#	api/api.go
#	authority/config/config.go
#	cas/softcas/softcas.go
#	db/db.go
 2022-07-13 08:52:58 +08:00
Mariano Cano
ce9a23a0f7 Fix SSH certificate revocation 2022-05-25 16:55:22 -07:00
Mariano Cano
c8d7ad7ab9 Fix store certificates methods with new interface 2022-05-18 18:33:22 -07:00
Herman Slatman
6e1f8dd7ab
Refactor policy engines into container 2022-04-26 13:12:16 +02:00
Herman Slatman
76112c2da1
Improve error creation and testing for core policy engine 2022-04-26 01:47:07 +02:00
Herman Slatman
3fa96ebf13
Improve policy errors returned to client 2022-04-24 13:11:32 +02:00
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny 2022-04-19 10:26:31 +02:00
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault 2022-04-18 15:35:26 -07:00
Herman Slatman
abcad679ff
Merge branch 'master' into herman/allow-deny 2022-04-18 21:54:55 +02:00
Mariano Cano
ea5f7f2acc
Fix SANs for step-ca certificate 
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
 2022-04-12 13:57:55 -07:00
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault 2022-04-11 14:57:45 -07:00
Herman Slatman
9797b3350e
Merge branch 'master' into herman/allow-deny 2022-04-08 16:01:56 +02:00
Mariano Cano
db337debcd Load provisioner from the database instead of the extension. 2022-04-05 19:25:47 -07:00
Raal Goff
49c41636cc implemented some requested changes 2022-04-06 08:31:40 +08:00
Raal Goff
53dbe2309b implemented some requested changes 2022-04-06 08:24:49 +08:00
Raal Goff
a607ab189a requested changes 2022-04-06 08:23:55 +08:00
Raal Goff
d417ce3232 implement changes from review 2022-04-06 08:23:53 +08:00
Raal Goff
668cb6f39c missed some mentions of PEM when changing the returned format to DER regarding CRL generation 2022-04-06 08:22:29 +08:00
Raal Goff
7d024cc4cb change GenerateCertificateRevocationList to return DER, store DER in db instead of PEM, nicer PEM encoding of CRL, add Mock stubs 2022-04-06 08:22:26 +08:00
Raal Goff
e8fdb703c9 initial support for CRL 2022-04-06 08:19:45 +08:00
Herman Slatman
571b21abbc
Fix (most) PR comments 2022-03-31 16:12:29 +02:00
Herman Slatman
b49307f326
Fix ACME order tests with mock ACME CA 2022-03-24 18:34:04 +01:00
Herman Slatman
9e0edc7b50
Add early authority policy evaluation to ACME order API 2022-03-24 14:55:40 +01:00
Herman Slatman
613c99f00f
Fix linting issues 2022-03-24 13:10:49 +01:00
Mariano Cano
9d027c17d0 Send current provisioner on PostCertificate 2022-03-21 19:24:05 -07:00
Herman Slatman
101ca6a2d3
Check admin subjects before changing policy 2022-03-21 15:53:59 +01:00
Herman Slatman
81b0c6c37c
Add API implementation for authority and provisioner policy 2022-03-15 15:56:04 +01:00
Herman Slatman
7c541888ad
Refactor configuration of allow/deny on authority level 2022-03-08 13:26:07 +01:00
Mariano Cano
c0525381eb Merge branch 'master' into feat/vault 2022-02-16 18:19:23 -08:00
Herman Slatman
5cb23c6029
Merge pull request #804 from smallstep/herman/normalize-ipv6-dns-names 
Normalize IPv6 hostname addresses
 2022-02-09 11:25:24 +01:00
Herman Slatman
e887ccaa07
Ensure the CA TLS certificate represents IPv6 DNS names as IP in cert 
If an IPv6 domain name (i.e. [::1]) is provided manually in the `ca.json`,
this commit will ensure that it's represented as an IP SAN in the TLS
certificate. Before this change, the IPv6 would become a DNS SAN.
 2022-02-03 14:21:23 +01:00
Mariano Cano
300c19f8b9 Add a custom enforcer that can be used to modify a cert. 2022-02-02 14:36:58 -08:00
Ahmet DEMIR
68b980d689
feat(authority): avoid hardcoded cn in authority csr 2022-01-13 20:30:54 +01:00
Herman Slatman
50c3bce98d
Change if/if to if/else-if when checking the type of JSON error 2022-01-12 21:34:38 +01:00
Herman Slatman
a3cf6bac36
Add special handling for *json.UnmarshalTypeError 2022-01-12 11:15:39 +01:00
Herman Slatman
0475a4d26f
Refactor extraction of JSON template syntax errors 2022-01-12 10:41:36 +01:00
Herman Slatman
a5455d3572
Improve errors related to template execution failures (slightly) 2022-01-10 15:49:37 +01:00
Herman Slatman
3bc3957b06
Merge branch 'master' into hs/acme-revocation 2021-12-09 09:36:52 +01:00
Herman Slatman
47a8a3c463
Add test case for ACME Revoke to Authority 2021-12-02 17:11:36 +01:00
Herman Slatman
c9cd876a7d
Merge branch 'master' into hs/acme-revocation 2021-11-25 00:40:56 +01:00
Mariano Cano
ff04873a2a Change the default error type to forbidden in Sign. 
The errors will also be propagated from sign options.
 2021-11-23 18:58:16 -08:00
Mariano Cano
668d3ea6c7 Modify errs.Wrap() with bad request to send messages to users. 2021-11-18 18:44:58 -08:00