Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,987 Commits
38 Branches
221 Tags
44 MiB
master
herman/pkcs7-windows-scep-fix
root-not-found-error-message
relative-paths-config
herman/wire-dpop-struct
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.26.2
v0.27.0
v0.27.1
v0.27.2
v0.27.3
v0.27.4
v0.27.4-rc1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'de45d66cdb'
${ noResults }
Commit Graph

47 Commits (de45d66cdb16bf8fecd443496b736a88c70c11c4)

Author SHA1 Message Date
Mariano Cano 875512c79e
Use the same version for building and running 
This commit makes sure to use the same version for building step-ca with
CGO and running it.

Fixes #1611
 11 months ago
Carl Tashian 73cb04318a
Trying a different approach 1 year ago
francescocapuano 7f54153a1b Add DOCKER_STEPCA_INIT_PASSWORD_FILE variable for docker secrets 
Add the management of the DOCKER_STEPCA_INIT_PASSWORD_FILE variable.  over DOCKER_STEPCA_INIT_PASSWORD.
If both are used only DOCKER_STEPCA_INIT_PASSWORD_FILE will be used.
 1 year ago
Carl Tashian df2909e712
Further docker simplifications 2 years ago
Carl Tashian 25e35aa0ad
Small dockerfile refactor 2 years ago
Carl Tashian b92f37a61d
Use cloud tag on step-kms-plugin 2 years ago
Carl Tashian 4378300c80
Update cache before installing packages 2 years ago
Carl Tashian 79b3924322
Fix docker tags 2 years ago
Carl Tashian 12d8ca526a
Update Dockerfile.hsm to use debian:bullseye base image 2 years ago
Michel Jung ebe7e5d019
Add DOCKER_STEPCA_INIT_ADDRESS 
This allows configuring "--address" instead of using hard-coded :9000
 2 years ago
Mariano Cano 3b1be62663
Add step-kms-plugin to docker images and build a CGO based one 2 years ago
Mariano Cano 39f46d31b9
Remove deprecated binaries 
This commit removes the following deprecated binaries:

 - step-awskms-init
 - step-cloudkms-init
 - step-pkcs11-init
 - step-yubikey-init

From now on step and step-kms-plugin should be used to initialize the
PKI in AWS KMS, GCP KMS, PKCS#11 modules or YubiKeys.

A future commit will add step-kms-plugin to the docker images of
step-ca.

Fixes #1046
 2 years ago
Carl Tashian 2ab9483952
Only pass --admin-subject if --remote-management is true; fix overall boolean handling 2 years ago
Carl Tashian dc8b196823
Print admin username and pw after init 2 years ago
Carl Tashian 328276eaeb
Shred provisioner password 2 years ago
Carl Tashian ad5cbd9a0e
Print and delete provisioner password on setup 2 years ago
Carl Tashian a017238874
No need for PROVISIONER_PWDPATH 2 years ago
Carl Tashian 313bf2354b
Check for existance of pwdpath before copying 2 years ago
Carl Tashian 640bd0b7c7
Tabs to spaces 2 years ago
Carl Tashian c836c7ab40
Backward compatibility 2 years ago
Carl Tashian 8242895909
Update hsm dockerfile as well 2 years ago
Carl Tashian 844cfd3bad
Generate and use independent provisioner and private key passwords 2 years ago
Herman Slatman 4e3a6e67f1
Add env vars for enabling Remote Management and ACME provisioner. 
A `step-ca` instance created in a container can now be initialized
with Remote Management by setting `DOCKER_STEPCA_INIT_REMOTE_MANAGEMENT`.
An ACME provisioner with default settings can be created at initialization
by setting `DOCKER_STEPCA_INIT_ACME`.
 2 years ago
Mariano Cano 18555a3cb2
Split build and download in Dockerfiles 
On systems with low resources the command `go mod download` can fail.
This causes long builds of the docker images. This change adds a new
layer in the docker build splitting the build and download in two
steps.

Fixes #1114
 2 years ago
Jakob Schlyter c1425422dd include support for GCP and AWS KMS by default 2 years ago
Jakob Schlyter df8eca2c19 space 2 years ago
Jakob Schlyter 66ba6048a4 start pcscd if installed 2 years ago
Jakob Schlyter 6ee48ca631 add pcsc-lite 2 years ago
Jakob Schlyter 221ced5c51 add Dockerfile for building with HSM support 2 years ago
Carl Tashian f738cb43c3 Make the default provisioner name optional; change DNS names variable name 3 years ago
Carl Tashian 4e8e4c638e Add newline to password file for readabiliy 3 years ago
Carl Tashian bc63829111 Auto-generate password by default 3 years ago
Carl Tashian 7ab26c8303 Auto-generate password by default 3 years ago
Carl Tashian 8d52379771 New Dockerfile with entrypoint script for easy CA init 3 years ago
Carl Tashian 3b31c6d2f5 Change `HEALTHCHECK` to use `step ca health`. Change shell `CMD exec` to skip redundant `/bin/sh -c` 4 years ago
Carl Tashian 6ffc438ed1 Update Dockerfile.step-ca to match best practices 
- See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
- Added a .dockerignore file to reduce the build context size
- Added a HEALTHCHECK (curl the CA)
 4 years ago
Carl Tashian 9815a38a2c Fixes #344; also gets docker buildx working on both darwin & linux 4 years ago
Moritz Marquardt da18defd94 Let step-ca bind to ports < 1024 5 years ago
max furman 2871d0b68b bump Docker to latest tag 5 years ago
Mariano Cano c099795122 Revert use latest version as it does not yet exists. 6 years ago
Mariano Cano ce54927dab Use latest tag. 6 years ago
Mariano Cano f1dacc6b57 Remove deprecated script. 6 years ago
Mariano Cano b5d67ab129 Remove exposed port, it depends on the configuration. 6 years ago
Mariano Cano 1579a87cc6 Remove unnecessary file. 6 years ago
Mariano Cano 2f661c0941 Update docker images and add docs on how to run step-ca on docker. 
Fixes #48
 6 years ago
max furman 8402b06119 bump step-cli container version in step-ca Dockerfile 6 years ago
max furman f7154a9ba3 add Makefile build and deploy docker image for step-ca 6 years ago