Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,263 Commits
40 Branches
214 Tags
92 MiB
master
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '80cbcb652b'
${ noResults }
Commit Graph

115 Commits (80cbcb652b26435ce5eabbcb39215c80c09f3923)

Author SHA1 Message Date
Mariano Cano 59775fff0c
Merge branch 'master' into crl-support 2 years ago
Mariano Cano 8200d19894
Improve CRL implementation 
This commit adds some changes to PR #731, some of them are:
- Add distribution point to the CRL
- Properly stop the goroutine that generates the CRLs
- CRL config validation
- Remove expired certificates from the CRL
- Require enable set to true to generate a CRL

This last point is the principal change in behaviour from the previous
implementation. The CRL will not be generated if it's not enabled, and
if it is enabled it will always be regenerated at some point, not only
if there is a revocation.
 2 years ago
max furman e436c36f8b
Update revocation docs link 2 years ago
Raal Goff 9fa5f46213 add minor doco, Test_CRLGeneration(), fix some issues from merge 2 years ago
max furman 4cb74e7d8b fix linter warnings 2 years ago
Herman Slatman d799359917
Merge branch 'master' into hs/acme-eab 3 years ago
Carl Tashian 53ebd85327 Update star gif size 3 years ago
Carl Tashian c0255b7caa Update star gif 3 years ago
Carl Tashian accb0710a1 Star gif 3 years ago
Herman Slatman a98fe03e80
Merge branch 'master' into hs/acme-eab 3 years ago
Herman Slatman 71b3f65df1
Add processing of RequireEAB through Linked CA 3 years ago
Carl Tashian 09b554f855
Merge pull request #609 from smallstep/discord 
update gitter to discord
 3 years ago
Carl Tashian f8c137af4f
Update provisioners.md 3 years ago
Kevin Chen 9d4e6e315a update readme page 3 years ago
Kevin Chen 2ac53f7c69 update gitter to discord 3 years ago
Carl Tashian e305940448 Small docs cleanup 3 years ago
Carl Tashian 6f0f023d2c Small docs cleanup 3 years ago
FibreFoX 9607691f9c
Added missing hints for running step-ca on Raspberry Pi 
See #351, #344, #279
 3 years ago
Carl Tashian e50c5bc4b1 Remove pronoun 3 years ago
Austin Tucker Hall 6801cf3d05
Update provisioners.md 
mispelling that is driving me nuts
 3 years ago
Carl Tashian 4d7338f763
Merge pull request #499 from smallstep/carl/readmes 
Update "build from source" instructions
 3 years ago
Carl Tashian 35be06f4aa Amendments to CONTRIBUTING doc 3 years ago
Carl Tashian c67531134a
Update CONTRIBUTING.md 3 years ago
Carl Tashian a9e52405a2
Add CGO build instructions to contributing.md 3 years ago
max furman 9cfdd2f3df [action] change step-certificates to step-ca where possible 3 years ago
max furman 19a3cd10a1 [docs] provisioners fix attr dupe and give warning about stale docs 4 years ago
Anton Lundin 3e6137110b Add support for using ssh-agent as a KMS 
This adds a new KMS, SSHAgentKMS, which is a KMS to provide signing keys
for issuing ssh certificates signed by a key managed by a ssh-agent. It
uses the golang.org/x/crypto package to get a native Go implementation
to talk to a ssh-agent.

This was primarly written to be able to use gpg-agent to provide the
keys stored in a YubiKeys openpgp interface, but can be used for other
setups like proxying a ssh-agent over network.

That way the signing key for ssh certificates can be kept in a
"sign-only" hsm.

This code was written for my employer Intinor AB, but for simplicity
sake gifted to me to contribute upstream.

Signed-off-by: Anton Lundin <glance@acc.umu.se>
 4 years ago
Carl Tashian 80beff6ce3 Update READMEs with links to new docs 4 years ago
Nico Domino 8aae8a6153
Update provisioners.md 
Swapped markdown URL / Text
 4 years ago
Mariano Cano 341dc1c3ea Remove merge data. 4 years ago
Mariano Cano 6a818ebc92 Merge branch 'master' into ra-init 4 years ago
Mariano Cano 2ec0c24e98 Update docs for RA. 4 years ago
Mariano Cano 6049d42b5f
Change title to match with CAS 4 years ago
Mariano Cano 7d1686dc53 Add option to specify the AWS IID certificates to use. 
This changes adds a new option `iidRoots` that allows a user to
define one or more certificates that will be used for AWS IID
signature validation.

Fixes #393
 4 years ago
Mariano Cano 647b9b4541
Merge pull request #367 from smallstep/cas 
Support for CAS Interface and CloudCAS
 4 years ago
Carl Tashian 329f401e58
Update cas.md 
Needed to run two commands to set up IAM roles because passing `--role` twice only uses the second value passed.
 4 years ago
Carl Tashian 3f55f22b2e
Update cas.md 
Added `--location` flag to a couple of the commands
 4 years ago
Mariano Cano 7d779e12db Change service account name. 4 years ago
Mariano Cano 52d857a302 Update CloudCAS instructions. 4 years ago
Mariano Cano 066c7ee10b Fix iam permissions. 4 years ago
Carl Tashian fd07e25e61 Change Gitter links to GH Discussions tab 4 years ago
Mariano Cano 42ce78ed43 Add initial docs for CAS. 4 years ago
max furman e8c5a3b320 Document concurrency limitations in ACME server 
- in concurrency / HA section
 4 years ago
Carl Tashian c1e6c0285a
Merge pull request #325 from smallstep/readme-updates 
README updates, round 2
 4 years ago
Carl Tashian ed89367fca Round 2 of README updates 4 years ago
Ilias Trichopoulos 7d5552f53e Fix service logs path 4 years ago
Ilias Trichopoulos 6d8b4a1b9a Fix service name 4 years ago
Ilias Trichopoulos 730639d2a3 Fix service user name 
In `ExecStart` the user used us `smallstep` so the same user should be defined in `useradd`.
 4 years ago
max furman b5699892ad Add github response to frequenty asked questions doc 
- security risks of exposing the OAuth Client Secret in the output of
  `step ca provisioner list`
 4 years ago
mkontani feadaa6c56
docs: fix provisioner type 
Signed-off-by: mkontani <itoama@live.jp>
 4 years ago