Commit Graph

987 Commits

Author SHA1 Message Date
Mariano Cano
64cbac4e81 Extract servername from tls connection state. 2019-02-13 15:09:03 -08:00
Mariano Cano
79a030960b Enable client certificate rotation with GetClientCertificate. 2019-02-13 14:31:08 -08:00
Mariano Cano
3ba6e33791 Add a new hello-mTLS example using gRPC in go
Fixes #32
2019-02-13 13:01:35 -08:00
max furman
795566a36a moved images 2019-02-12 14:29:19 -08:00
max furman
6f5ead46fd move image artifacts into images dir 2019-02-12 13:18:37 -08:00
max furman
c94fb80f4b dep update cli 2019-02-12 12:56:58 -08:00
Mike Malone
ef99dd28e5 new connect with mtls diagram 2019-02-12 12:36:25 -08:00
Michael Malone
7e928b03c5
readme updates
announced autocert & added "connect with mtls" image
2019-02-12 12:09:55 -08:00
max furman
ba58ab098c move step-ca.gif | remove extraneous config file 2019-02-12 09:52:01 -08:00
max furman
bf26528b74 dep ensure 2019-02-12 09:49:10 -08:00
Mariano Cano
852f4ed564 Fix dependency and linter errors. 2019-02-11 20:27:41 -08:00
Mariano Cano
0eb0c3a21b
Merge pull request #31 from smallstep/autocert
merge autocert!
2019-02-11 19:42:06 -08:00
Mike Malone
a775360f10 fixed link 2019-02-11 17:46:46 -08:00
Mike Malone
68eed1bce9 docs updates 2019-02-11 17:43:47 -08:00
Mike Malone
4fe55051a1 updated README and added issue templates for autocert 2019-02-11 16:59:14 -08:00
Mike Malone
bb31a1634e readme update and new connect-with-mtls.png 2019-02-11 14:52:22 -08:00
Michael Malone
6877e389fb
added step-ca.gif to readme 2019-02-11 14:22:37 -08:00
Michael Malone
6aa5e125d8
added step-ca.gif 2019-02-11 14:19:18 -08:00
Michael Malone
ea7a1f5478
dropped in animated gif real quick 2019-02-11 13:00:18 -08:00
Mike Malone
ea23f738cb connect with mtls diagram 2019-02-11 12:09:08 -08:00
Mike Malone
6cb5505026 updated docs 2019-02-08 14:21:07 -08:00
Mike Malone
d40911937f updated readme & added runbook 2019-02-08 09:42:57 -08:00
Mariano Cano
2e98febcd9 Add envoy hello mTLS example.
Fixes smallstep/ca-component#144
2019-02-07 15:30:37 -08:00
Mariano Cano
23c60d5f3f Remove unnecessary sleep. 2019-02-07 12:05:38 -08:00
Mariano Cano
b18e3638bc Revert "Remove unnecessary sleep"
This reverts commit 082eee63f1.
2019-02-07 12:05:13 -08:00
Mariano Cano
082eee63f1 Remove unnecessary sleep 2019-02-07 10:53:25 -08:00
max furman
cedf8784b6 dep update cli 2019-02-06 18:59:36 -08:00
Mariano Cano
262a9d0978
Merge pull request #27 from smallstep/mariano/renew-pool
SDK should update certificate pools safely
2019-02-06 16:56:38 -08:00
Mariano Cano
e0fff4d80b Fix typo. 2019-02-06 16:52:44 -08:00
Mariano Cano
f1f6c548ad Fix typo. 2019-02-06 16:48:20 -08:00
Mariano Cano
14fcf58903 Add client implementation of hello-mTLS using nodejs
Fixes smallstep/ca-component#138
2019-02-06 16:42:29 -08:00
Mariano Cano
8022ed80bc Add node to README.md 2019-02-06 16:42:29 -08:00
Mariano Cano
1197753f35 Add hello-mTLS server example using nodejs.
Fixes smallstep/ca-component#138
2019-02-06 16:42:29 -08:00
max furman
7e43402575 bug fix: don't add common name to CSR validation claims in Sign
* added unit test for this case
2019-02-06 16:26:25 -08:00
Mike Malone
0c53b0f310 rename cluster role & binding to match other binding names 2019-02-06 13:57:29 -08:00
Mike Malone
3a516d92aa check for permissions init autocert deploy script 2019-02-06 13:56:33 -08:00
Mariano Cano
74114a6234 Add hello-mTLS for nginx 2019-02-06 11:53:10 -08:00
Mariano Cano
758d829355 Fix tests. 2019-02-05 20:27:29 -08:00
max furman
47228cd9a0 dep ensure to update cli 2019-02-05 19:50:23 -08:00
max furman
f6bfb71602 cli dep sans -> master 2019-02-05 19:46:16 -08:00
Max
91f183a62a
Merge pull request #29 from smallstep/sans
Add SANs support
2019-02-05 21:40:19 -06:00
max furman
3415a1fef8 move SplitSANs to cli 2019-02-05 19:32:01 -08:00
Mariano Cano
975cb75fbd Fix typo. 2019-02-05 17:33:16 -08:00
Mariano Cano
3c06d6f9bc Fix comment. 2019-02-05 17:30:10 -08:00
Mariano Cano
e330ac547c Fix comment. 2019-02-05 17:29:28 -08:00
Mariano Cano
cd934bbede Remove println 2019-02-05 17:27:10 -08:00
max furman
6937bfea7b claims.SANS -> claims.SANs 2019-02-04 20:22:02 -08:00
max furman
93f39c64a0 backwards compat only when SANS empty 2019-02-04 20:02:56 -08:00
Mariano Cano
4c9dccd3f6 Allow multiple certificates in the root pem. 2019-02-04 10:29:52 -08:00
max furman
ab78534b08 add test for SAN backwards compatibility with CLI
* new provisioner tokens always contain the crt.Subject.CommonName
in the SANS attribute of the token claims. added tests that verifies
backwards compatibility still works in cases where the token does not
contain the subject as a SAN claim.
2019-02-01 12:24:21 -06:00