Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,182 Commits
41 Branches
214 Tags
91 MiB
master
mariano/signer
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a9359522e6'
${ noResults }
Commit Graph

3182 Commits (a9359522e60904277773e7fbe5d76a09fc85c1c7)
 

Author SHA1 Message Date
Herman Slatman a9359522e6
Add provisioner and super admin subject output to `ca init` 
When initializing a CA with `--remote-management`, it wasn't made
clear that the default JWK provisioner is used when authenticating
for administration purposes and that a default `step` user is
created to login with. This commit adds some additional information
to the CLI output on completion of `ca init`.
 2 years ago
Herman Slatman e90fe4bfa0
Update CHANGELOG.md with provisioner migration 2 years ago
Herman Slatman 9d04e7d1dc
Remove period in log output 2 years ago
Herman Slatman 54c560f620
Improve configuration file initialization log output 2 years ago
Herman Slatman fd38dd34f9
Fix PR comments 2 years ago
Herman Slatman 49718f1bbb
Fix some comments 2 years ago
Herman Slatman 70da534893
Merge branch 'master' into herman/remote-management-helm 2 years ago
Mariano Cano 398213af51
Merge pull request #1123 from smallstep/renew-raw-subject 
Use RawSubject on renew and rekey
 2 years ago
Mariano Cano caf0628b8c
Merge pull request #1122 from smallstep/fix-1114 
Split build and download in Dockerfiles
 2 years ago
Mariano Cano aefdfc7be7
Use RawSubject on renew and rekey 
Renew was not replicating exactly the subject because extra names
gets decoded into pkix.Name.Names, the non-default ones should be
added to pkix.Name.ExtraNames. Instead of doing that, this commit
sets the RawSubject that will also keep the order.

Fixes #1106
 2 years ago
Mariano Cano 18555a3cb2
Split build and download in Dockerfiles 
On systems with low resources the command `go mod download` can fail.
This causes long builds of the docker images. This change adds a new
layer in the docker build splitting the build and download in two
steps.

Fixes #1114
 2 years ago
Mariano Cano 53f2ecdad9
Merge pull request #1121 from smallstep/fix-1115 
Use sh instead of bash in .version.sh script
 2 years ago
Mariano Cano d07c9accea
Use sh instead of bash in .version.sh script 
Fixes #1115
 2 years ago
Max 7b45968198
Merge pull request #1119 from smallstep/max/common-triage 2 years ago
max furman 91775f6d67
[action] move oss triage wofkow to common workflows 2 years ago
Max 361e2b2907
Merge pull request #1116 from smallstep/max/docs-revocation-link 
Update revocation docs link
 2 years ago
Max c103458ee9
Merge pull request #1110 from smallstep/dependabot/go_modules/google.golang.org/api-0.99.0 
Bump google.golang.org/api from 0.98.0 to 0.99.0
 2 years ago
max furman e436c36f8b
Update revocation docs link 2 years ago
dependabot[bot] b83f268b4d
Bump google.golang.org/api from 0.98.0 to 0.99.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.98.0 to 0.99.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.98.0...v0.99.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Max f410ef6628
Merge pull request #1112 from smallstep/dependabot/go_modules/github.com/googleapis/gax-go/v2-2.6.0 
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0
 2 years ago
dependabot[bot] c3f6dcf7e7
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0 
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](https://github.com/googleapis/gax-go/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Herman Slatman f7d153efa7
Merge pull request #1109 from smallstep/herman/remove-acme-revoke-authorization-todo 
Remove TODO and clarify ACME revoke authorization method docs
 2 years ago
Max 70828b882f
Merge pull request #1111 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.1 
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
 2 years ago
Max a7db13d47b
Merge pull request #1113 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.50.1 
Bump google.golang.org/grpc from 1.50.0 to 1.50.1
 2 years ago
dependabot[bot] 9ee11fd850
Bump google.golang.org/grpc from 1.50.0 to 1.50.1 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.50.0 to 1.50.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.0...v1.50.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 3676c59599
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1 
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Herman Slatman cbc0864370
Remove TODO and clarify ACME revoke authorization method docs 2 years ago
Herman Slatman d981b9e0dc
Add `--admin-subject` flag to `ca init` 
The first super admin subject can now be provided through the
`--admin-subject` flag when initializing a CA.

It's not yet possible to configure the subject of the first
super admin when provisioners are migrated from `ca.json` to the
database. This effectively limits usage of the flag to scenarios
in which the provisioners are written to the database immediately,
so when `--remote-management` is enabled. It currently also doesn't
work with Helm deployments, because there's no mechanism yet to
pass this type of option to the Helm chart.

This commit partially addresses https://github.com/smallstep/cli/issues/697
 2 years ago
Herman Slatman 57001168a5
Add default `SSHPOP` provisioner to Helm template output 2 years ago
Herman Slatman c423e2f664
Improve Helm test data to be more realistic 2 years ago
Herman Slatman 459bfc4c4f
Add gibberish test key bytes to Helm tests 2 years ago
Herman Slatman 3262ffd43b
Add X.509 intermedaite and root certificates to Helm tests 2 years ago
Herman Slatman 1a5523f5c0
Add default JWK to the Helm tests 2 years ago
Herman Slatman da5d2b405c
Merge branch 'master' into herman/remote-management-helm 2 years ago
Max 65b5a636df
Merge pull request #1104 from smallstep/max/err-assert 
Fix err assert linter warnings - upgrade outdated package
 2 years ago
max furman 7203739369
Fix err assert linter warnings - upgrade outdated package 2 years ago
Herman Slatman 6516384160
Trigger CI 2 years ago
Mariano Cano e0994bed9d
Merge pull request #1102 from smallstep/yubikey-no-ca 
Add test simulating YubiKey v5.2.4
 2 years ago
Mariano Cano a7e597450a
Update acme/challenge_test.go 
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
 2 years ago
Herman Slatman 317efa4568
Add some TODOs for improvingin PKI initialization maintainability 2 years ago
Herman Slatman 8616d3160f
Add tests for writing the Helm template 2 years ago
Herman Slatman 674206320c
Write updated CA configuration after migrating provisioners 2 years ago
Herman Slatman b5837f20c9
Merge branch 'master' into herman/remote-management-helm 2 years ago
Herman Slatman c9ee4a9f9d
Disable initialization log output if started with `--quiet` 2 years ago
Mariano Cano 7a78c76199
Add test simulating YubiKey v5.2.4 
There are YubiKeys v5.2.4 where the attestation intermediate (f9)
does not have a basic constraint extension, so that certificate
is not marked as a CA. The test and CA in this commit imitates
that use case. Currently the test case returns an error as we
don't support it. But if we change the verification to support
this use case, the test should change accordingly.
 2 years ago
Max b142fc70f7
Merge pull request #1099 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.50.0 
Bump google.golang.org/grpc from 1.49.0 to 1.50.0
 2 years ago
Max 32edc54946
Merge pull request #1100 from smallstep/dependabot/go_modules/github.com/sirupsen/logrus-1.9.0 
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
 2 years ago
Max 8598ff6a1c
Merge pull request #1101 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.21.0 
Bump go.step.sm/crypto from 0.20.0 to 0.21.0
 2 years ago
dependabot[bot] b27d36d556
Bump go.step.sm/crypto from 0.20.0 to 0.21.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 2522efe27a
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago