Commit Graph

2681 Commits (ff8cb19b78db97674a130044fb46c6a864953587)
 

Author SHA1 Message Date
Herman Slatman 4ebf43c011
Merge pull request #820 from smallstep/herman/acme-api
Refactor ACME Admin API
2 years ago
Herman Slatman 5b713a564c
Change CM link 2 years ago
Herman Slatman 5cb23c6029
Merge pull request #804 from smallstep/herman/normalize-ipv6-dns-names
Normalize IPv6 hostname addresses
2 years ago
Herman Slatman d00729df0b
Refactor ACME Admin API 2 years ago
Mariano Cano 588c72c046
Merge pull request #817 from Cpcrook/chore/#816-provisioner-decryption-error-messaging
Add descriptive provisioner JWK decryption error messages
2 years ago
Chris Crook 11637b5793 Add descriptive provisioner JWK decryption error messages
Wrap other errors in decryption process with more helpful messaging. This should help users troubleshoot misconfiguration more easily.

Fixes #816
2 years ago
max furman 039d2455d9 changelog update 2 years ago
max furman 5f4ac5beff Fix broken test due to linter fix 2 years ago
max furman 62690ab52e Fix linting errors and pin linter version in release action 2 years ago
Mariano Cano d384b534c7
Merge pull request #814 from smallstep/x509-enforcer
Authority enforcer option
2 years ago
Herman Slatman bfa2245abb
Merge branch 'master' into herman/normalize-ipv6-dns-names 2 years ago
Herman Slatman e887ccaa07
Ensure the CA TLS certificate represents IPv6 DNS names as IP in cert
If an IPv6 domain name (i.e. [::1]) is provided manually in the `ca.json`,
this commit will ensure that it's represented as an IP SAN in the TLS
certificate. Before this change, the IPv6 would become a DNS SAN.
2 years ago
Herman Slatman 1fe7362bee
Normalize IPv6 addresses in ACME linker 2 years ago
Mariano Cano 300c19f8b9 Add a custom enforcer that can be used to modify a cert. 2 years ago
J. Hunter Hawke 808f039b09
Added some example ansible configs (#813) 2 years ago
Herman Slatman 88c7b63c9d
Split SSH user and cert policy configuration and execution 2 years ago
Herman Slatman a7eb27d309
Fix URI domains IDNA support 2 years ago
Herman Slatman acd13cb92d
Merge branch 'master' of github.com:smallstep/certificates into herman/allow-deny 2 years ago
Herman Slatman c1424036bf
Merge branch 'master' into herman/allow-deny 2 years ago
Herman Slatman 4a0cfd24e5
Merge pull request #797 from smallstep/herman/scep-macos-renewal-fixes
Fix macOS SCEP client issues
2 years ago
Herman Slatman c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes 2 years ago
Herman Slatman c57dfeec2d
Merge pull request #650 from hslatman/hs/acme-eab
ACME External Account Binding
2 years ago
Herman Slatman bf21319e76
Fix PR comments and issue with empty string slices 2 years ago
Mariano Cano 09a9b3e1c8 Upgrade go.step.sm/crypto 2 years ago
Herman Slatman 5f42ae0bce
Remove unused function LoadProvisionerByID from SCEP 2 years ago
Herman Slatman 9617edf0c2
Improve internationalized domain name handling
This PR improves internationalized domain name handling according
to rules of IDNA and based on the description in RFC 5280, section 7:
https://datatracker.ietf.org/doc/html/rfc5280#section-7.

Support for internationalized URI(s), so-called IRIs, still needs to
be done.
2 years ago
Herman Slatman 512b8d6730
Refactor instantiation of policy engines
Instead of using the `base` struct, the x509 and SSH policy
engines are now added to each provisioner directly.
2 years ago
Herman Slatman 066bf32086
Fix part of PR comments 2 years ago
Herman Slatman fd9845e9c7
Add cursor and limit to ACME EAB DB interface 2 years ago
Herman Slatman ad041d6bb7
Fix deprecation of grpc.WithInsecure option
With the update of go.step.sm/linkedca grpc.WithInsecure was
deprecated. This commit fixes this by setting up the (insecure)
connection using the new method.
2 years ago
Herman Slatman 3b72d241e0
Add LinkedCA integration for improved SCEP provisioner 2 years ago
Herman Slatman c3f2fd8ef0
Add RW locks to prevent concurrent updates to the DB
Although this may slow certain API calls down and may not be strictly
necessary, I think it's best to put all the ACME EAB operations behind
RW locks to prevent concurrent updates to the DB and guarantee
consistent result sets.
2 years ago
Herman Slatman 868cc4ad7f
Increase test coverage for additional indexes 2 years ago
Herman Slatman 8838961b68
Merge branch 'master' into hs/acme-eab 2 years ago
Herman Slatman c0eb420806
Remove special case for empty slices 2 years ago
Herman Slatman 716b946e7a
Normalize IPv6 hostname addresses 2 years ago
Herman Slatman 64680bb16d
Fix PR comments 2 years ago
Carl Tashian 262375577a
Merge pull request #794 from smallstep/create-db-folder
Create the db directory on step ca init
2 years ago
Herman Slatman 3612eefc31
Cleanup 2 years ago
Herman Slatman ff08b5055e
Fix linting issues 2 years ago
Herman Slatman 6440870a80
Clean up, improve test cases and coverage 2 years ago
Herman Slatman 1e808b61e5
Merge logic for X509 and SSH policy 2 years ago
Herman Slatman 6bc301339f
Improve test case and code coverage 2 years ago
Herman Slatman 91d51c2b88
Add allow/deny to Nebula provisioner 2 years ago
Herman Slatman d9c56d67cc
Merge branch 'master' into herman/allow-deny 2 years ago
Herman Slatman 9c6580ccd2
Fix macOS SCEP client issues
Fixes #746
2 years ago
Herman Slatman 988efc8cd4
Merge pull request #792 from smallstep/herman/improve-template-errors
Improve errors related to template execution failures
3 years ago
Carl Tashian 9848caf49f Create the db directory on step ca init 3 years ago
Herman Slatman 50c3bce98d
Change if/if to if/else-if when checking the type of JSON error 3 years ago
max furman 4afcdd55ff Update doc line on WithSSHGetHosts 3 years ago