Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,354 Commits
38 Branches
221 Tags
44 MiB
master
herman/pkcs7-windows-scep-fix
root-not-found-error-message
relative-paths-config
herman/wire-dpop-struct
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.26.2
v0.27.0
v0.27.1
v0.27.2
v0.27.3
v0.27.4
v0.27.4-rc1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8473164b41'
${ noResults }
Commit Graph

70 Commits (8473164b41d90cbd3d1f713b3694a8e5dac051d6)

Author SHA1 Message Date
Herman Slatman 0524122191
Remove authorization flow for different Account private keys 
As discussed in https://github.com/smallstep/certificates/issues/767,
we opted for not including this authorization flow to prevent users
from getting OOMs. We can add the functionality back when the
underlying data store can provide access to a long list of
Authorizations more efficiently, for example when a callback is
implemented.
 3 years ago
Herman Slatman 004fc054d5
Fix PR comments 3 years ago
Herman Slatman 06bb97c91e
Add logic for Account authorizations and improve tests 3 years ago
Herman Slatman bae1d256ee
Improve tests for JWK vs. KID revoke auth flow 
The logic for both test cases is fairly similar, but with some
small differences. Made those clearer by means of some comments.
Also added some comments to the middleware logic that decided
whether to extract JWK or lookup by KID.
 3 years ago
Herman Slatman a7fbbc4748
Add tests for GetCertificateBySerial 3 years ago
Herman Slatman 4d01cf8135
Increase test code coverage 3 years ago
Herman Slatman 2d357da99b
Add tests for ACME revocation 3 years ago
Herman Slatman ed295ca15d
Fix linting issue 3 years ago
Herman Slatman 2d50c96d99
Merge branch 'master' into hs/acme-revocation 3 years ago
Herman Slatman e7a988b2cd
Pin golangci-lint to v1.43.0 and fix issues 3 years ago
Herman Slatman c7a9c13060
Add tests for extractOrLookupJWK middleware 3 years ago
Herman Slatman 3151255a25
Merge branch 'master' into hs/acme-revocation 3 years ago
max furman 933b40a02a Introduce gocritic linter and address warnings 3 years ago
Mariano Cano 470b546d59
Merge pull request #557 from joejulian/http01-isv 
use InsecureSkipVerify for validation
 3 years ago
Herman Slatman 258efca0fa
Improve revocation authorization 3 years ago
Herman Slatman 2b15230aa4
Add Serial to Cert ID ACME table and lookup 3 years ago
Herman Slatman 8f7e700f09
Merge branch 'master' into hs/acme-revocation 3 years ago
max furman 857a50434c Merge branch 'master' into max/cert-mgr-crud 3 years ago
max furman 9fdef64709 Admin level API for provisioner mgmt v1 3 years ago
Herman Slatman 0e56932e76
Add support for revocation using JWK 3 years ago
Herman Slatman 84e7d468f2
Improve handling of ACME revocation 3 years ago
Herman Slatman d53bcaf830
Add base logic for ACME revoke-cert 3 years ago
Herman Slatman 64c15fde7e
Add tests for canonicalize function 3 years ago
Herman Slatman 523ae96749
Change identifier and challenge types to consts 3 years ago
Herman Slatman 84ea8bd67a
Fix PR comments 3 years ago
Herman Slatman 76dcf542d4
Fix mixed DNS and IP SANs in Order 3 years ago
Herman Slatman a0e92f8e99
Verify IP identifier contains valid IP 3 years ago
Herman Slatman 6486e6016b
Make logic for which challenge types to use clearer 3 years ago
Herman Slatman 3e36522329
Add preliminary support for TLS-ALPN-01 challenge for IP identifiers 3 years ago
Herman Slatman 6d9710c88d
Add initial support for ACME IP validation 3 years ago
Joe Julian 0369151bfa
use InsecureSkipVerify for validation 
The server will not yet have a valid certificate so we need to disable
certificate validation in the HTTPGetter.
 3 years ago
Mariano Cano 2e1524ec2f Remove the creation on nonce on get acme directory. 
According to RFC 8555, the replay nonces are only required in POST
requests. And of course in the new-nonce request.
 4 years ago
max furman 93c3c2bf2e Error handle non existent provisioner downstream and disable debug route logging 4 years ago
max furman 497ec0c79b Fix linter issues 4 years ago
max furman b1888fd34d Use different method for unescpaed paths for the router 4 years ago
max furman 672e3f976e Few ACME fixes ... 
- always URL escape linker output
- validateJWS should accept RSAPSS
- GetUpdateAccount -> GetOrUpdateAccount
 4 years ago
max furman 440678cb62 Add markInvalid arg to storeError for invalidating challenge 4 years ago
max furman 6b8585c702 PR review fixes / updates 4 years ago
max furman a785131d09 Fix lint issues 4 years ago
max furman 80c8567d99 change errnotfound type for getAccount 
- more generalized NotFound type rather than the nosql
one we were using
- if the error is not recognized then the logic in create account will
break.
 4 years ago
max furman 1831920363 Finish order unit tests and remove unused mocklinker 4 years ago
max furman b6ebc0fd25 more unit tests 4 years ago
max furman df05340521 fixing broken unit tests 4 years ago
max furman f72b2ff2c2 [acme db interface] nosql authz unit tests 4 years ago
max furman 074ab7b221 [acme db interface] add linker tests 4 years ago
max furman 8d2ebcfd49 [acme db interface] more unit tests 4 years ago
max furman 20b9785d20 [acme db interface] continuing unit test work 4 years ago
max furman 291fd5d45a [acme db interface] more unit tests 4 years ago
max furman f71e27e787 [acme db interface] unit test progress 4 years ago
max furman bb8d54e596 [acme db interface] unit tests compiling 4 years ago