Commit Graph

819 Commits (81b0c6c37c6129930ffb659cb8758952a7834e91)

Author SHA1 Message Date
Herman Slatman 81b0c6c37c
Add API implementation for authority and provisioner policy 3 years ago
Herman Slatman 3ec9a7310c
Fix ACME order identifier allow/deny check 3 years ago
Herman Slatman 7c541888ad
Refactor configuration of allow/deny on authority level 3 years ago
Herman Slatman af53a17bb4
Merge branch 'master' into herman/allow-deny 3 years ago
Mariano Cano 15b1049f19 Fix json tag for Azure.ObjectIDs. 3 years ago
Mariano Cano 6f46cdb432
Merge pull request #829 from vijayjt/new-azure-token-authz-options
Add subscription and object ID validation options to Azure provisioner
3 years ago
max furman a79d4af19b change return value of generateProvisionerConfig to value
- always used as value (rather than pointer)
3 years ago
max furman 6030f8bc2e Validate provisioner configuration before storing in DB 3 years ago
vijayjt b128e37090 Add SubscriptionIDs and ObjectIDs to provisioner-linkedca conversion functions 3 years ago
vijayjt 4a10f2c584 Rename new fields as per feedback to remove AAD from the name 3 years ago
vijayjt 8b68bedffa Add support for validation of certificate requests using Azure subscription and AAD object IDs. See #735 3 years ago
Herman Slatman c3c6f3da72
Merge branch 'master' into herman/allow-deny 3 years ago
Mariano Cano abe951d416 Fix name of the variable in comment. 3 years ago
Mariano Cano a0cf808393 Make the X5C leaf certificate available to the templates.
X509 and SSH templates of the X5C provisioner will now have access
to the leaf certificate used to sign the token using the template
variable .AuthorizationCrt

Fixes #433
3 years ago
Herman Slatman 4ebf43c011
Merge pull request #820 from smallstep/herman/acme-api
Refactor ACME Admin API
3 years ago
Herman Slatman 5b713a564c
Change CM link 3 years ago
Herman Slatman 5cb23c6029
Merge pull request #804 from smallstep/herman/normalize-ipv6-dns-names
Normalize IPv6 hostname addresses
3 years ago
Herman Slatman d00729df0b
Refactor ACME Admin API 3 years ago
max furman 62690ab52e Fix linting errors and pin linter version in release action 3 years ago
Mariano Cano d384b534c7
Merge pull request #814 from smallstep/x509-enforcer
Authority enforcer option
3 years ago
Herman Slatman bfa2245abb
Merge branch 'master' into herman/normalize-ipv6-dns-names 3 years ago
Herman Slatman e887ccaa07
Ensure the CA TLS certificate represents IPv6 DNS names as IP in cert
If an IPv6 domain name (i.e. [::1]) is provided manually in the `ca.json`,
this commit will ensure that it's represented as an IP SAN in the TLS
certificate. Before this change, the IPv6 would become a DNS SAN.
3 years ago
Mariano Cano 300c19f8b9 Add a custom enforcer that can be used to modify a cert. 3 years ago
Herman Slatman 88c7b63c9d
Split SSH user and cert policy configuration and execution 3 years ago
Herman Slatman acd13cb92d
Merge branch 'master' of github.com:smallstep/certificates into herman/allow-deny 3 years ago
Herman Slatman c1424036bf
Merge branch 'master' into herman/allow-deny 3 years ago
Herman Slatman c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes 3 years ago
Herman Slatman 9617edf0c2
Improve internationalized domain name handling
This PR improves internationalized domain name handling according
to rules of IDNA and based on the description in RFC 5280, section 7:
https://datatracker.ietf.org/doc/html/rfc5280#section-7.

Support for internationalized URI(s), so-called IRIs, still needs to
be done.
3 years ago
Herman Slatman 512b8d6730
Refactor instantiation of policy engines
Instead of using the `base` struct, the x509 and SSH policy
engines are now added to each provisioner directly.
3 years ago
Herman Slatman 066bf32086
Fix part of PR comments 3 years ago
Herman Slatman fd9845e9c7
Add cursor and limit to ACME EAB DB interface 3 years ago
Herman Slatman 3b72d241e0
Add LinkedCA integration for improved SCEP provisioner 3 years ago
Herman Slatman 868cc4ad7f
Increase test coverage for additional indexes 3 years ago
Herman Slatman 8838961b68
Merge branch 'master' into hs/acme-eab 3 years ago
Herman Slatman 716b946e7a
Normalize IPv6 hostname addresses 3 years ago
Herman Slatman 64680bb16d
Fix PR comments 3 years ago
Herman Slatman 3612eefc31
Cleanup 3 years ago
Herman Slatman 6440870a80
Clean up, improve test cases and coverage 3 years ago
Herman Slatman 1e808b61e5
Merge logic for X509 and SSH policy 3 years ago
Herman Slatman 6bc301339f
Improve test case and code coverage 3 years ago
Herman Slatman 91d51c2b88
Add allow/deny to Nebula provisioner 3 years ago
Herman Slatman d9c56d67cc
Merge branch 'master' into herman/allow-deny 3 years ago
Herman Slatman 9c6580ccd2
Fix macOS SCEP client issues
Fixes #746
3 years ago
Herman Slatman 988efc8cd4
Merge pull request #792 from smallstep/herman/improve-template-errors
Improve errors related to template execution failures
3 years ago
Herman Slatman 50c3bce98d
Change if/if to if/else-if when checking the type of JSON error 3 years ago
max furman 4afcdd55ff Update doc line on WithSSHGetHosts 3 years ago
Herman Slatman a3cf6bac36
Add special handling for *json.UnmarshalTypeError 3 years ago
Herman Slatman 0475a4d26f
Refactor extraction of JSON template syntax errors 3 years ago
Herman Slatman a5455d3572
Improve errors related to template execution failures (slightly) 3 years ago
Mariano Cano de549adf2d Do not add extra new lines when creating nebula provisioners 3 years ago