Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,182 Commits
40 Branches
214 Tags
92 MiB
master
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a9359522e6'
${ noResults }
Commit Graph

1073 Commits (a9359522e60904277773e7fbe5d76a09fc85c1c7)

Author SHA1 Message Date
Herman Slatman 9d04e7d1dc
Remove period in log output 2 years ago
Herman Slatman 54c560f620
Improve configuration file initialization log output 2 years ago
Herman Slatman fd38dd34f9
Fix PR comments 2 years ago
Herman Slatman 49718f1bbb
Fix some comments 2 years ago
Herman Slatman 70da534893
Merge branch 'master' into herman/remote-management-helm 2 years ago
Mariano Cano aefdfc7be7
Use RawSubject on renew and rekey 
Renew was not replicating exactly the subject because extra names
gets decoded into pkix.Name.Names, the non-default ones should be
added to pkix.Name.ExtraNames. Instead of doing that, this commit
sets the RawSubject that will also keep the order.

Fixes #1106
 2 years ago
Herman Slatman cbc0864370
Remove TODO and clarify ACME revoke authorization method docs 2 years ago
Herman Slatman d981b9e0dc
Add `--admin-subject` flag to `ca init` 
The first super admin subject can now be provided through the
`--admin-subject` flag when initializing a CA.

It's not yet possible to configure the subject of the first
super admin when provisioners are migrated from `ca.json` to the
database. This effectively limits usage of the flag to scenarios
in which the provisioners are written to the database immediately,
so when `--remote-management` is enabled. It currently also doesn't
work with Helm deployments, because there's no mechanism yet to
pass this type of option to the Helm chart.

This commit partially addresses https://github.com/smallstep/cli/issues/697
 2 years ago
Herman Slatman da5d2b405c
Merge branch 'master' into herman/remote-management-helm 2 years ago
max furman 7203739369
Fix err assert linter warnings - upgrade outdated package 2 years ago
Herman Slatman 674206320c
Write updated CA configuration after migrating provisioners 2 years ago
Herman Slatman b5837f20c9
Merge branch 'master' into herman/remote-management-helm 2 years ago
Herman Slatman c9ee4a9f9d
Disable initialization log output if started with `--quiet` 2 years ago
Mariano Cano bd1938b0da
Add support for storing or sending attestation data to linkedca 2 years ago
Herman Slatman cebb7d7ef0
Add automatic migration of provisioners 
Provisioners stored in the CA configuration file are
automatically migrated to the database.

Currently no cleanup of the provisioners in the
configuration file yet. In certain situations this
may not work as expected, for example if the CA can't
write to the file. But it's probalby good to try it, so
that we can keep the configuration state of the CA consistent.
 2 years ago
Andrew Reed 2c5e41b093
Fix webhook controller ignoring cert type 2 years ago
Andrew Reed 7101fbb0ee
Provisioner webhooks (#1001) 2 years ago
Mariano Cano 906c5067b9
Include attestation roots on provisioner converters 2 years ago
Mariano Cano 2b19ba41fb Merge branch 'master' into name-constraints 2 years ago
Mariano Cano c9e7af3722 Use only name constraints in GetTLSCertificate 2 years ago
Mariano Cano 0bedd22850 Fix typos in WithX509IntermediateCerts comment 2 years ago
Mariano Cano 8374c0d26e Fix some more extra white spaces 2 years ago
Mariano Cano 965d59c0a8 Fix comment typos and extra white spaces 2 years ago
Mariano Cano 2eba5326db Remove policy validation on renew 2 years ago
Mariano Cano ccd93684c3 Remove unused variable 2 years ago
Mariano Cano 246566a195 Change way to get hasNameConstraints 2 years ago
Mariano Cano b94c0d09be Set up test properly 2 years ago
Mariano Cano 0214e015a0 Clarify comments by code review 2 years ago
Mariano Cano 23045e1812 Clarify comments by code review 2 years ago
max furman 4c7a2ce3eb
Fix errors.As linter warnings 2 years ago
Mariano Cano 15dc7901e5 Fix unit tests 2 years ago
Mariano Cano d68c765e20 Add context to errors 2 years ago
Mariano Cano 72e2c4eb2e Render proper policy and constrains errors 2 years ago
Mariano Cano 4b79405dac Check constraints and policy for leaf certificates too 2 years ago
Mariano Cano a6e85cbbf6 Fix linter errors 2 years ago
Mariano Cano 325d8bca4f Merge branch 'master' into name-constraints 2 years ago
max furman 2d4efc8292
Fix linter warnings 2 years ago
max furman 75bb196193
Add concurrency workflow config | fix broken test due to golang ver 2 years ago
max furman 120629edab
Do not use the templateError in the BadRequestErr 2 years ago
max furman 7c5e5b2b87
Even more linter fixes 2 years ago
max furman f3d1863ec6
A few more linter errors 2 years ago
max furman 1e0ea6f958
more linting fixes 2 years ago
max furman 33458c88aa
Standardize linting file and fix or ignore lots of linting errors 2 years ago
Mariano Cano f0a24bd8ca
Add acme property to enable challenges 
Fixes #1027
 2 years ago
Mariano Cano 567d96c771
Revert "Run on plaintext HTTP to support Cloud Run" 
This reverts commit 09b9673a60.
 2 years ago
Mariano Cano 191d9e8629
Use go.step.sm/crypto to set the permanent identifier 2 years ago
Mariano Cano debe565e42 Validate constraints on Sign and Renew/Rekey 
Fixes #1060
 2 years ago
Mariano Cano 89b6aa924a Normalize IPs in matchIPConstraint 2 years ago
Brandon Weeks f3d2bd7a19
Run on plaintext HTTP to support Cloud Run 2 years ago
Herman Slatman 25cbe02b9e
Add provisioner template validation 
Fixes #1012
 2 years ago