Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,264 Commits
42 Branches
214 Tags
91 MiB
dependabot/go_modules/google.golang.org/grpc-1.64.0
master
mariano/signer
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'dde9330244'
${ noResults }
Commit Graph

3264 Commits (dde9330244a91afd1581d478578c38aac8dbed1d)
 

Author SHA1 Message Date
max furman dde9330244
Remove deprecated docs directory 2 years ago
Max 80cbcb652b
Merge pull request #1164 from smallstep/max/bad-comment 
Correct bad comment on NotImplementedError.Error()
 2 years ago
max furman 57c1c2071d
Correct bad comment on NotImplementedError.Error() 2 years ago
Mariano Cano e8726d24fa
Merge pull request #1156 from smallstep/ra-renew 
Add support for renew when using stepcas
 2 years ago
Max 202b17c3f2
Merge pull request #1159 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.10.0 
Bump cloud.google.com/go/security from 1.9.0 to 1.10.0
 2 years ago
dependabot[bot] ae684a557a
Bump cloud.google.com/go/security from 1.9.0 to 1.10.0 
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.9.0...asset/v1.10.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Max 7354e6e905
Merge pull request #1163 from smallstep/max/longrunning 
Updates for deprecated google cloud security APIs
 2 years ago
max furman e351bd90dc
Run make generate with mockgen@v1.6.0 2 years ago
max furman 8f7fae585c
Add mockgen commands for cloudcas_test 2 years ago
max furman d4e81723ee
Updates for deprecated google cloud security APIs 2 years ago
Max 55a684fe5a
Merge pull request #1162 from smallstep/dependabot/go_modules/google.golang.org/api-0.102.0 
Bump google.golang.org/api from 0.101.0 to 0.102.0
 2 years ago
Max 4fcfc9481b
Merge pull request #1160 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.0 
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0
 2 years ago
dependabot[bot] 656b9ab217
Bump google.golang.org/api from 0.101.0 to 0.102.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.101.0 to 0.102.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.101.0...v0.102.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Herman Slatman 9cbee4da33
Merge pull request #1158 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.0 
Bump go.step.sm/crypto from 0.22.0 to 0.23.0
 2 years ago
dependabot[bot] 88febefbcf
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.19.2 to 3.20.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.19.2...v3.20.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 2891f6b397
Bump go.step.sm/crypto from 0.22.0 to 0.23.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Mariano Cano c7f226bcec
Add support for renew when using stepcas 
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
 2 years ago
Mariano Cano 068a2dae8e
Merge pull request #1155 from smallstep/acme-port-flags 
Use the same style of flags
 2 years ago
Mariano Cano e00781873e
Update commands/app.go 
Co-authored-by: Max <mx.furman@gmail.com>
 2 years ago
Mariano Cano bae9a0c152
Use the same style of flags 
It changes the new step-ca flags to use a standard style.
 2 years ago
Mariano Cano 6c0cb23125
Merge pull request #1153 from smallstep/acme-port 
Add support for custom acme ports
 2 years ago
Mariano Cano e27c6c529b
Add support for custom acme ports 
This change adds the flags --acme-http-port, --acme-tls-port, that
combined with --insecure can be used to set custom ports for ACME
http-01 and tls-alpn-01 challenges. These flags should only be used
for testing purposes.

Fixes #1015
 2 years ago
Max 9d90d0cef3
Merge pull request #1152 from smallstep/max/cosign-experimental 
[action] Add COSIGN_EXPERIMENTAL env var to cosign release docs
 2 years ago
max furman 3728cee02a
[action] Add COSIGN_EXPERIMENTAL env var to cosign release docs 2 years ago
Max be8c0b4531
Merge pull request #1151 from smallstep/max/gomod 
go.mod syntax
 2 years ago
max furman 4ccc9a0c32
go.mod syntax 2 years ago
Max 6136dbb196
Merge pull request #1147 from smallstep/dependabot/go_modules/cloud.google.com/go-0.105.0 
Bump cloud.google.com/go from 0.104.0 to 0.105.0
 2 years ago
dependabot[bot] bd577e7531
Bump cloud.google.com/go from 0.104.0 to 0.105.0 
Bumps [cloud.google.com/go](https://github.com/googleapis/google-cloud-go) from 0.104.0 to 0.105.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.104.0...v0.105.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Max e53a4b2ed5
Merge pull request #1149 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.22.0 
Bump go.step.sm/crypto from 0.21.0 to 0.22.0
 2 years ago
dependabot[bot] 917d8dc103
Bump go.step.sm/crypto from 0.21.0 to 0.22.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.21.0 to 0.22.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Max b85b52d7b5
Merge pull request #1148 from smallstep/dependabot/go_modules/google.golang.org/api-0.101.0 
Bump google.golang.org/api from 0.100.0 to 0.101.0
 2 years ago
Max ea3f2fee7b
Merge pull request #1150 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.2 
Bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2
 2 years ago
Max 9d9236c985
Merge pull request #1146 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.9.0 
Bump cloud.google.com/go/security from 1.8.0 to 1.9.0
 2 years ago
dependabot[bot] d26414a864
Bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2 
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 22d2c1c31f
Bump google.golang.org/api from 0.100.0 to 0.101.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.100.0 to 0.101.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.100.0...v0.101.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
dependabot[bot] 4e077f997e
Bump cloud.google.com/go/security from 1.8.0 to 1.9.0 
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.8.0...asset/v1.9.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2 years ago
Max 995b6d1b6c
Merge pull request #1142 from smallstep/max/keyless-cosign 
[action] keyless cosign for all release artifacts
 2 years ago
max furman c36b36f070
[action] cosign over docker image digest 2 years ago
Mariano Cano 3e0b603eb4
Merge pull request #731 from unreality/crl-support 
Support for CRL
 2 years ago
Mariano Cano 2d582e5694
Remove use of time.Duration.Abs 
time.Duration.Abs() was added in Go 1.19
 2 years ago
Mariano Cano 89c8c6d0a0
Fix package name in tls test 2 years ago
Mariano Cano f066ac3d40
Remove buggy logic on GetRevokedCertificates() 2 years ago
Mariano Cano 51c7f56030
Truncate time to the second 2 years ago
Mariano Cano 6d4fd7d016
Update changelog with CRL support 2 years ago
Mariano Cano 812fee7630
Start crl generator before setting initOnce 2 years ago
Mariano Cano 59775fff0c
Merge branch 'master' into crl-support 2 years ago
Mariano Cano 8200d19894
Improve CRL implementation 
This commit adds some changes to PR #731, some of them are:
- Add distribution point to the CRL
- Properly stop the goroutine that generates the CRLs
- CRL config validation
- Remove expired certificates from the CRL
- Require enable set to true to generate a CRL

This last point is the principal change in behaviour from the previous
implementation. The CRL will not be generated if it's not enabled, and
if it is enabled it will always be regenerated at some point, not only
if there is a revocation.
 2 years ago
max furman c43d59a69a
[action] keyless cosign for all release artifacts 2 years ago
Herman Slatman 0af15a0538
Merge pull request #1140 from smallstep/herman/remote-management-helm 
Add provisioner and super admin subject output to `ca init`
 2 years ago
Herman Slatman a9359522e6
Add provisioner and super admin subject output to `ca init` 
When initializing a CA with `--remote-management`, it wasn't made
clear that the default JWK provisioner is used when authenticating
for administration purposes and that a default `step` user is
created to login with. This commit adds some additional information
to the CLI output on completion of `ca init`.
 2 years ago