Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,281 Commits
40 Branches
214 Tags
92 MiB
master
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '817edcbba5'
${ noResults }
Commit Graph

80 Commits (817edcbba500d937805cc6b86b26c7fd74b9f616)

Author SHA1 Message Date
Herman Slatman a9359522e6
Add provisioner and super admin subject output to `ca init` 
When initializing a CA with `--remote-management`, it wasn't made
clear that the default JWK provisioner is used when authenticating
for administration purposes and that a default `step` user is
created to login with. This commit adds some additional information
to the CLI output on completion of `ca init`.
 2 years ago
Herman Slatman fd38dd34f9
Fix PR comments 2 years ago
Herman Slatman 49718f1bbb
Fix some comments 2 years ago
Herman Slatman d981b9e0dc
Add `--admin-subject` flag to `ca init` 
The first super admin subject can now be provided through the
`--admin-subject` flag when initializing a CA.

It's not yet possible to configure the subject of the first
super admin when provisioners are migrated from `ca.json` to the
database. This effectively limits usage of the flag to scenarios
in which the provisioners are written to the database immediately,
so when `--remote-management` is enabled. It currently also doesn't
work with Helm deployments, because there's no mechanism yet to
pass this type of option to the Helm chart.

This commit partially addresses https://github.com/smallstep/cli/issues/697
 2 years ago
Herman Slatman 57001168a5
Add default `SSHPOP` provisioner to Helm template output 2 years ago
Herman Slatman c423e2f664
Improve Helm test data to be more realistic 2 years ago
Herman Slatman 459bfc4c4f
Add gibberish test key bytes to Helm tests 2 years ago
Herman Slatman 3262ffd43b
Add X.509 intermedaite and root certificates to Helm tests 2 years ago
Herman Slatman 1a5523f5c0
Add default JWK to the Helm tests 2 years ago
Herman Slatman 317efa4568
Add some TODOs for improvingin PKI initialization maintainability 2 years ago
Herman Slatman 8616d3160f
Add tests for writing the Helm template 2 years ago
Herman Slatman acdf080308
Add `enableAdmin` and `enableACME` to Helm values.yml generation 2 years ago
max furman ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2 years ago
Mariano Cano 369b8f81c3 Use go.step.sm/crypto/kms 
Fixes #975
 2 years ago
vijayjt 02c0ae81ac Allow KMS type to be specified in the helm chart template if specified on the command line. 2 years ago
Carl Tashian 9848caf49f Create the db directory on step ca init 2 years ago
max furman 7fac8c96c3 Merge branch 'master' into max/context 3 years ago
max furman d37313bef4 Use 0600 for profile defaults file. 3 years ago
max furman fcc15174ea Rename templates and create profileConfig dir ahead of time. 3 years ago
max furman 43cba993bb PR fixes 
- Line -> PrependLine
- dont' overwrite profileDefaults
- update ssh/config.tpl to always include includes file
 3 years ago
max furman 3e9830e363 Use profileDefaults in PKI 
- write profile defaults at the same time as authority defaults
 3 years ago
max furman d777fc23c2 Add ca.WithInsecure and use methods for file names 3 years ago
max furman ed4b56732e updates after rebase to keep up with master 3 years ago
max furman 7eeebca529 Enable step path contexts in identity and pki paths 3 years ago
max furman 10db335f13 mv pkg config -> step 3 years ago
Mariano Cano cb4a2a5f9a Use the same method to return the templating functions. 3 years ago
Mariano Cano 0f63d43a91 Remove sprig "env" and "expandenv" functions. 3 years ago
Mariano Cano a2b03083c8 Fix gocritic warnings. 3 years ago
Mariano Cano e15b5faf7d Merge branch 'master' into keyvault 3 years ago
Mariano Cano 5d0bd7d155 Fix grammar in comments. 3 years ago
Mariano Cano 781d5fb6e8 Fix creation of ssh certificates on step ca init. 3 years ago
max furman 933b40a02a Introduce gocritic linter and address warnings 3 years ago
Mariano Cano ece67fefff Add support for kms in pki package. 
Adding support to kms in the pki packages opens the door to use
kms implementations in `step ca init`
 3 years ago
Mariano Cano 4fde7b5250 Use badgerv2 the default in helm too. 
Use also port 443 for the ca-url, as we usually access through the
service, this can be overridden by --with-ca-url flag in the cli.
 3 years ago
Mariano Cano 8cb62b6d67 Fix ssh in helm chart values. 3 years ago
Mariano Cano 516b74f43a Add comment about unused code. 3 years ago
Mariano Cano ff25f4974f Fix comment. 3 years ago
Mariano Cano b1f59586ab Update message to align with UI. 3 years ago
Mariano Cano 66f6c73655 Update badger driver to use v2 by default. 3 years ago
Mariano Cano 072ba4227c Add deployment type to config. 
This field is ignored except for the start of the ca. If the type
is linked and the token is not passed, it will fail with an error.
 3 years ago
Mariano Cano 56bb3eb6e1 Add next steps for linked ca. 3 years ago
Mariano Cano 47a30f1524 Add JWK provisioner to generic config. 
Fix linter errors.
 3 years ago
Mariano Cano 640f523150 Remove unused function. 3 years ago
Mariano Cano 81004ce1f9 Remove deprecated functions. 3 years ago
Mariano Cano 79cf059447 Remove deprecated methods and write all pki files at once. 3 years ago
Mariano Cano ad4dbd6764 Write all files on save. 3 years ago
Mariano Cano 50f7a0d0c0 Work in progress implementation of PKI with helm support 3 years ago
Mariano Cano 721459210e Make pki initialization more flexible. 3 years ago
max furman 7b5d6968a5 first commit 3 years ago
Mariano Cano 9270d432ea Remove unused code. 4 years ago