Commit Graph

1223 Commits

Author SHA1 Message Date
Herman Slatman
f1a2c68f43
Merge pull request #1798 from smallstep/herman/fix-instrumented-key-manager
Add support for `kmsapi.Decrypter` to instrumented key manager
2024-04-15 15:32:56 +02:00
Mariano Cano
7df3ad05ed
Merge pull request #1797 from smallstep/mariano/init-scep
Allow custom SCEP key manager
2024-04-10 12:47:20 -07:00
Mariano Cano
4202d6673c
Remove debug statement 2024-04-10 09:32:58 -07:00
Herman Slatman
d6bbe5b06b
Add support for kmsapi.Decrypter to instrumented key manager 2024-04-10 16:38:31 +02:00
verytrap
db92404342
chore: fix function names in comment
Signed-off-by: verytrap <wangqiuyue@outlook.com>
2024-04-10 10:35:39 +08:00
Mariano Cano
725a913f66
Allow custom SCEP key manager
This commit allows injecting a custom key manager for SCEP.
2024-04-09 18:44:29 -07:00
Mariano Cano
0ac9023590
Fix typo in error message and comment 2024-03-12 14:58:36 -07:00
Mariano Cano
10f6a901ec
Let the CA determine the RA lifetime
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of requiring always 24h.

This commit also fixes linter warnings.

Related to #1094
2024-03-12 14:29:55 -07:00
Herman Slatman
b8510dd5b2
Make the requestid an exported middleware 2024-03-07 10:41:19 +01:00
Herman Slatman
10aa48c74a
Merge pull request #1743 from smallstep/herman/improve-request-id
Improve end-to-end request ID propagation
2024-03-04 13:58:21 +01:00
Herman Slatman
d392c169fc
Improve functional coverage of request ID integration test 2024-03-04 12:00:08 +01:00
Herman Slatman
7e5f10927f
Decouple request ID middleware from logging middleware 2024-02-28 13:18:10 +01:00
Panagiotis Siatras
fb4cd6fe81
fix: Webhook-related instruments
* fix: also instrument webhooks that do not reach the wire
* fix: register the webhook instrumentation
2024-02-27 22:43:45 +02:00
Herman Slatman
041b486c55
Remove usages of Sign without context 2024-02-27 14:16:21 +01:00
Herman Slatman
c16a0b70ee
Remove smallstep/assert and pkg/errors from webhook tests 2024-02-27 13:44:44 +01:00
Herman Slatman
9689508709
Add tests for webhook request IDs 2024-02-27 13:39:21 +01:00
Herman Slatman
2a8b80a3e1
Merge branch 'master' into herman/webhook-request-id 2024-02-27 12:17:10 +01:00
Herman Slatman
bb296c9d19
Merge pull request #1708 from smallstep/herman/csr-expires-header
Add `Expires` header to CRL endpoint
2024-02-15 10:34:34 +01:00
Mariano Cano
ac773ff44e
Merge branch 'master' into allow_external_x509_ca_service_intf 2024-02-14 11:38:39 -08:00
Remi Vichery
ee44ac104d
fixup! Add AWS ca-west-1 identity document certificate 2024-02-13 08:54:24 -08:00
Remi Vichery
283d46d9a7
Add AWS ca-west-1 identity document certificate 2024-02-12 11:27:41 -08:00
Herman Slatman
69f5f8d8ea
Use stretchr/testify instead of smallstep/assert for tests 2024-02-08 14:11:13 +01:00
Herman Slatman
d1deb7f930
Add Expires header to CRL response 2024-02-08 14:10:48 +01:00
Panagiotis Siatras
dd1ff9c15b
Implementation of the Prometheus endpoint (#1669)
Implementation of the http://{metricsAddress}/metrics Prometheus endpoint.
2024-01-25 23:47:27 -08:00
Venky Gopal
fbc1e895c2
Allow x509 Service CA implementation to be injected through ca and authority options 2024-01-21 08:50:09 -05:00
Herman Slatman
25c109e75d
Change error message for CSR validation 2024-01-08 20:05:16 +01:00
Mariano Cano
b20af51f32
Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Max
d34f0f6a97
Fix linter warnings (#1634) 2023-11-28 20:58:58 -08:00
Herman Slatman
f082cbc421
Denormalize provisioner name in SCEP webhook 2023-11-08 20:09:52 +01:00
Herman Slatman
9ebc8779f5
Normalize SCEP provisioner name in webhook body 2023-11-08 19:52:20 +01:00
Herman Slatman
e815864ed8
Add verification of provisionerName in test 2023-11-08 19:46:29 +01:00
Herman Slatman
de45d66cdb
Add provisionerName to webhook request body 2023-11-08 19:43:13 +01:00
Mariano Cano
49045a1150
Change CommonName validator in JWK
This commit changes the common name validator in the JWK provisioner to
accept either the token subject or any of the sans in the token.
2023-10-31 16:44:18 -07:00
Max
9f84f7ce35
Allow for identity certificate signing (in sshSign) by skipping validators (#1572)
- skip urisValidator for identity certificate signing. Implemented
  by building the validator with the context in a hacky way.
2023-10-06 14:02:19 -07:00
Mariano Cano
52baf52f84
Change scep password type to string
This commit changes the type of the decrypter key password to string to
be consistent with other passwords in the ca.json
2023-09-26 10:36:58 -07:00
Herman Slatman
c0fbace882
Address review remarks 2023-09-26 00:00:08 +02:00
Herman Slatman
4dc5a688fd
Set SCEP authority options once 2023-09-25 22:24:13 +02:00
Herman Slatman
15c46ebbaa
Switch logic for SCEP initialization around 2023-09-25 22:00:30 +02:00
Herman Slatman
f1da256ca4
Change SCEP authority initialization 2023-09-25 21:55:19 +02:00
Herman Slatman
4554f86f16
Make SCEP decrypter properties use omitempty 2023-09-25 19:48:12 +02:00
Herman Slatman
ffe079f31b
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Mariano Cano
31da66c124
Fix webhooks signature
This commit fixes the way webhooks signatures are created. Before this
change, the signature of an empty body was prepended by the body itself.
2023-09-22 13:22:52 -07:00
Herman Slatman
3f3b67e05c
Merge branch 'herman/scep-provisioner-decrypter' into herman/scep-notifying-webhook 2023-09-22 12:44:11 +02:00
Herman Slatman
ba72710e2d
Address code review remarks 2023-09-22 12:40:14 +02:00
Herman Slatman
5f8e0de1c3
Fix duplicate import in SCEP provisioner 2023-09-22 11:46:51 +02:00
Herman Slatman
4fd4227b73
Use shorter SCEP decrypter property names from linkedca 2023-09-22 11:44:49 +02:00
Herman Slatman
5fd70af2c8
Make API responses aware of the new SCEP decrypter properties 2023-09-22 11:38:03 +02:00
Herman Slatman
3ade92f8d5
Support both a decrypter key URI as well as PEM 2023-09-22 11:10:22 +02:00
Herman Slatman
b6c95d7be2
Add additional properties to SCEP notify webhook request body 2023-09-21 18:12:13 +02:00
Herman Slatman
63257e0576
Add full certificate DER bytes to success notification webhook 2023-09-21 12:05:58 +02:00