Commit Graph

24 Commits

Author SHA1 Message Date
Mariano Cano
300c19f8b9 Add a custom enforcer that can be used to modify a cert. 2022-02-02 14:36:58 -08:00
max furman
4afcdd55ff Update doc line on WithSSHGetHosts 2022-01-12 12:25:04 -08:00
max furman
933b40a02a Introduce gocritic linter and address warnings 2021-10-08 14:59:57 -04:00
Mariano Cano
6729c79253 Add support for setting individual password for ssh and tls keys
This change add the following flags:
 * --ssh-host-password-file
 * --ssh-user-password-file

Fixes #693
2021-09-16 11:55:41 -07:00
Mariano Cano
8fb5340dc9 Use a token at start time to configure linkedca.
Instead of using `step-ca login` we will use a new token provided
as a flag to configure and start linkedca. Certificates will be kept
in memory and refreshed automatically.
2021-07-19 19:28:06 -07:00
max furman
9fdef64709 Admin level API for provisioner mgmt v1 2021-07-02 19:05:17 -07:00
max furman
9bf9bf142d wip 2021-05-20 13:01:58 -07:00
max furman
7b5d6968a5 first commit 2021-05-19 15:20:16 -07:00
Miclain Keffeler
7545b4a625 leverage intermediate_ca.crt for appending certs. 2020-12-23 22:41:10 -06:00
Mariano Cano
60515d92c5 Remove unnecessary properties. 2020-09-16 13:31:26 -07:00
Mariano Cano
e83e47a91e Use sshutil and randutil from go.step.sm/crypto. 2020-08-10 11:26:51 -07:00
Mariano Cano
824374bde0 Create a method to initialize the authority without a config file.
When the CA is embedded in a third party product like Caddy, the
config needed to use placeholders to be valid. This change adds
a new method `NewEmbeddedAuthority` that allows to create an
authority with the given options, the minimum options are a root
and intermediate certificate, and the intermediate key.

Fixes #218
2020-05-04 18:52:18 -07:00
Mariano Cano
c49a9d5e33 Add context parameter to all SSH methods. 2020-03-10 19:01:45 -07:00
Mariano Cano
2d4f369db2 Add options to set root and federated certificates using x509.Certificate 2020-02-12 15:36:24 -08:00
Mariano Cano
9641ab33b8 Use crypto.Signer instead of ssh.Signer in SSH options. 2020-01-14 18:38:29 -08:00
Mariano Cano
e98d7832b9 Add options to read the roots and federated roots from a bundle. 2020-01-10 18:33:48 -08:00
Mariano Cano
c62526b39f Add wip support for kms. 2020-01-09 18:42:26 -08:00
max furman
1e17ec7d33 Use x5cInsecure token for /ssh/check-host endpoint 2019-12-11 14:54:29 -08:00
max furman
927784237d Use an actual Hosts type when returning ssh hosts 2019-11-20 17:23:51 -08:00
max furman
35912cc906 change func def for getSSHHosts
* continue to return all hosts if injection method not specified
2019-11-20 12:59:48 -08:00
max furman
c407a9319b Add getSSHHosts injection func 2019-11-20 11:32:27 -08:00
max furman
6ca1df5081 Add WithGetIdentityFunc option and attr to authority
* Add Identity type to provisioner
2019-11-14 20:38:39 -08:00
Mariano Cano
86a0558587 Add support for /ssh/bastion method. 2019-11-14 18:24:58 -08:00
Mariano Cano
43b663e0c3 Move Option type to a new file. 2019-11-14 15:29:04 -08:00