Mariano Cano
64cbac4e81
Extract servername from tls connection state.
2019-02-13 15:09:03 -08:00
Mariano Cano
79a030960b
Enable client certificate rotation with GetClientCertificate.
2019-02-13 14:31:08 -08:00
Mariano Cano
3ba6e33791
Add a new hello-mTLS example using gRPC in go
...
Fixes #32
2019-02-13 13:01:35 -08:00
max furman
795566a36a
moved images
2019-02-12 14:29:19 -08:00
max furman
6f5ead46fd
move image artifacts into images dir
2019-02-12 13:18:37 -08:00
max furman
c94fb80f4b
dep update cli
2019-02-12 12:56:58 -08:00
Mike Malone
ef99dd28e5
new connect with mtls diagram
2019-02-12 12:36:25 -08:00
Michael Malone
7e928b03c5
readme updates
...
announced autocert & added "connect with mtls" image
2019-02-12 12:09:55 -08:00
max furman
ba58ab098c
move step-ca.gif | remove extraneous config file
2019-02-12 09:52:01 -08:00
max furman
bf26528b74
dep ensure
2019-02-12 09:49:10 -08:00
Mariano Cano
852f4ed564
Fix dependency and linter errors.
2019-02-11 20:27:41 -08:00
Mariano Cano
0eb0c3a21b
Merge pull request #31 from smallstep/autocert
...
merge autocert!
2019-02-11 19:42:06 -08:00
Mike Malone
a775360f10
fixed link
2019-02-11 17:46:46 -08:00
Mike Malone
68eed1bce9
docs updates
2019-02-11 17:43:47 -08:00
Mike Malone
4fe55051a1
updated README and added issue templates for autocert
2019-02-11 16:59:14 -08:00
Mike Malone
bb31a1634e
readme update and new connect-with-mtls.png
2019-02-11 14:52:22 -08:00
Michael Malone
6877e389fb
added step-ca.gif to readme
2019-02-11 14:22:37 -08:00
Michael Malone
6aa5e125d8
added step-ca.gif
2019-02-11 14:19:18 -08:00
Michael Malone
ea7a1f5478
dropped in animated gif real quick
2019-02-11 13:00:18 -08:00
Mike Malone
ea23f738cb
connect with mtls diagram
2019-02-11 12:09:08 -08:00
Mike Malone
6cb5505026
updated docs
2019-02-08 14:21:07 -08:00
Mike Malone
d40911937f
updated readme & added runbook
2019-02-08 09:42:57 -08:00
Mariano Cano
2e98febcd9
Add envoy hello mTLS example.
...
Fixes smallstep/ca-component#144
2019-02-07 15:30:37 -08:00
Mariano Cano
23c60d5f3f
Remove unnecessary sleep.
2019-02-07 12:05:38 -08:00
Mariano Cano
b18e3638bc
Revert "Remove unnecessary sleep"
...
This reverts commit 082eee63f1
.
2019-02-07 12:05:13 -08:00
Mariano Cano
082eee63f1
Remove unnecessary sleep
2019-02-07 10:53:25 -08:00
max furman
cedf8784b6
dep update cli
2019-02-06 18:59:36 -08:00
Mariano Cano
262a9d0978
Merge pull request #27 from smallstep/mariano/renew-pool
...
SDK should update certificate pools safely
2019-02-06 16:56:38 -08:00
Mariano Cano
e0fff4d80b
Fix typo.
2019-02-06 16:52:44 -08:00
Mariano Cano
f1f6c548ad
Fix typo.
2019-02-06 16:48:20 -08:00
Mariano Cano
14fcf58903
Add client implementation of hello-mTLS using nodejs
...
Fixes smallstep/ca-component#138
2019-02-06 16:42:29 -08:00
Mariano Cano
8022ed80bc
Add node to README.md
2019-02-06 16:42:29 -08:00
Mariano Cano
1197753f35
Add hello-mTLS server example using nodejs.
...
Fixes smallstep/ca-component#138
2019-02-06 16:42:29 -08:00
max furman
7e43402575
bug fix: don't add common name to CSR validation claims in Sign
...
* added unit test for this case
2019-02-06 16:26:25 -08:00
Mike Malone
0c53b0f310
rename cluster role & binding to match other binding names
2019-02-06 13:57:29 -08:00
Mike Malone
3a516d92aa
check for permissions init autocert deploy script
2019-02-06 13:56:33 -08:00
Mariano Cano
74114a6234
Add hello-mTLS for nginx
2019-02-06 11:53:10 -08:00
Mariano Cano
758d829355
Fix tests.
2019-02-05 20:27:29 -08:00
max furman
47228cd9a0
dep ensure to update cli
2019-02-05 19:50:23 -08:00
max furman
f6bfb71602
cli dep sans -> master
2019-02-05 19:46:16 -08:00
Max
91f183a62a
Merge pull request #29 from smallstep/sans
...
Add SANs support
2019-02-05 21:40:19 -06:00
max furman
3415a1fef8
move SplitSANs to cli
2019-02-05 19:32:01 -08:00
Mariano Cano
975cb75fbd
Fix typo.
2019-02-05 17:33:16 -08:00
Mariano Cano
3c06d6f9bc
Fix comment.
2019-02-05 17:30:10 -08:00
Mariano Cano
e330ac547c
Fix comment.
2019-02-05 17:29:28 -08:00
Mariano Cano
cd934bbede
Remove println
2019-02-05 17:27:10 -08:00
max furman
6937bfea7b
claims.SANS -> claims.SANs
2019-02-04 20:22:02 -08:00
max furman
93f39c64a0
backwards compat only when SANS empty
2019-02-04 20:02:56 -08:00
Mariano Cano
4c9dccd3f6
Allow multiple certificates in the root pem.
2019-02-04 10:29:52 -08:00
max furman
ab78534b08
add test for SAN backwards compatibility with CLI
...
* new provisioner tokens always contain the crt.Subject.CommonName
in the SANS attribute of the token claims. added tests that verifies
backwards compatibility still works in cases where the token does not
contain the subject as a SAN claim.
2019-02-01 12:24:21 -06:00