Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-11 07:11:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,295 Commits 37 Branches 223 Tags 44 MiB
99ce13a4ea
Commit Graph

6 Commits

Author SHA1 Message Date
Mariano Cano
10f6a901ec
Let the CA determine the RA lifetime 
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of requiring always 24h.

This commit also fixes linter warnings.

Related to #1094
 2024-03-12 14:29:55 -07:00
Venky Gopal
fbc1e895c2 Allow x509 Service CA implementation to be injected through ca and authority options 2024-01-21 08:50:09 -05:00
Mariano Cano
c7f226bcec
Add support for renew when using stepcas 
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
 2022-11-04 16:42:07 -07:00
max furman
6af9437875
Rebase over master and a few more linter fixes 2022-09-20 19:05:12 -07:00
Mariano Cano
96de4e6ec8 Return a non-implemented error in stepcas.RenewCertificate. 2021-03-22 12:56:12 -07:00
Mariano Cano
8957e5e5a2 Add missing tests 2020-09-16 12:34:42 -07:00