smallstep-certificates/cas/stepcas
Mariano Cano c7f226bcec
Add support for renew when using stepcas
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
2022-11-04 16:42:07 -07:00
..
issuer_test.go Rebase over master and a few more linter fixes 2022-09-20 19:05:12 -07:00
issuer.go Add endpoint id for the RA certificate 2022-08-11 14:47:11 -07:00
jwk_issuer_test.go Add endpoint id for the RA certificate 2022-08-11 14:47:11 -07:00
jwk_issuer.go Send RA provisioner information to the CA 2022-08-02 19:28:49 -07:00
stepcas_test.go Add support for renew when using stepcas 2022-11-04 16:42:07 -07:00
stepcas.go Add support for renew when using stepcas 2022-11-04 16:42:07 -07:00
x5c_issuer_test.go Add endpoint id for the RA certificate 2022-08-11 14:47:11 -07:00
x5c_issuer.go Send RA provisioner information to the CA 2022-08-02 19:28:49 -07:00