max furman
6937bfea7b
claims.SANS -> claims.SANs
2019-02-04 20:22:02 -08:00
max furman
93f39c64a0
backwards compat only when SANS empty
2019-02-04 20:02:56 -08:00
max furman
ab78534b08
add test for SAN backwards compatibility with CLI
...
* new provisioner tokens always contain the crt.Subject.CommonName
in the SANS attribute of the token claims. added tests that verifies
backwards compatibility still works in cases where the token does not
contain the subject as a SAN claim.
2019-02-01 12:24:21 -06:00
max furman
fe8c8614b2
SANS backwards compat when token missing sujbect SAN
2019-02-01 12:18:10 -06:00
max furman
e6e8443f3c
allow multiple identical SANs in cert
2019-01-31 11:20:21 -06:00
max furman
f0683c2e0a
Enable signing certificates with custom SANs
...
* validate against SANs in token. must be 1:1 equivalent.
2019-01-30 18:21:03 -06:00
Sebastian Tiedtke
55155d1207
Change readme formatting
2019-01-28 17:36:32 -06:00
Sebastian Tiedtke
754670ad12
Add basic federation example ( #26 )
...
Add basic federation example
2019-01-28 17:31:06 -06:00
Mariano Cano
025e36bf10
Merge pull request #28 from pallas/fix-overflow
...
authority/provisioners: fix overflow on 32-bit systems
2019-01-28 08:32:35 -08:00
Derrick Lyndon Pallas
7a5c4a1112
authority/provisioners: fix overflow on 32-bit systems
...
In Go, len returns signed ints, not unsigned ints; consequently, this code
comparison overflows on 32-bit systems, like ARM.
2019-01-28 00:54:15 +00:00
Max
88a3c4cf83
Merge pull request #25 from smallstep/Duration
...
make Duration wrapper publicly accessible
2019-01-20 21:40:45 -08:00
max furman
2c72ada610
remove dead code
2019-01-20 21:37:12 -08:00
max furman
6dc89f46d8
make Duration public
2019-01-20 21:33:14 -08:00
Michael Malone
45fb8de26f
Link to the right blog post in README.md
2019-01-18 23:45:43 -08:00
max furman
0615f7eb11
don't wrap time.Duration
2019-01-18 12:08:18 -08:00
max furman
4b742042ee
make Duration wrapper publicly accessible
2019-01-18 10:39:12 -08:00
Mariano Cano
984bf8d38c
Add missing file.
2019-01-16 19:06:21 -08:00
Mariano Cano
1cc5e94666
Add simple test for federation.
2019-01-16 19:03:41 -08:00
max furman
8402b06119
bump step-cli container version in step-ca Dockerfile
2019-01-16 16:40:13 -08:00
max furman
7b9b091b18
don't need to update the brew formula for certificates updates
...
* brew uses a tarball built by cli releases (not certificates)
2019-01-15 12:12:28 -08:00
Mariano Cano
d0e0217955
Merge pull request #22 from smallstep/mariano/multiroot
...
Multiple roots and federation
2019-01-14 18:15:33 -08:00
Mariano Cano
e8ac3f4888
Add comment to differentiate GetRootCertificates and GetRoots.
2019-01-14 18:11:55 -08:00
Mariano Cano
6e620073f5
Rename method Empties to HasEmpties
2019-01-14 18:11:55 -08:00
max furman
cfbb2a6f41
method documentation grammar fix
2019-01-14 17:55:01 -08:00
Mariano Cano
dbd1bf11f1
Rename variable.
2019-01-14 17:35:38 -08:00
Sebastian Tiedtke
70f0a0e182
It's 2019
2019-01-14 15:12:07 -08:00
Mariano Cano
8252608ca2
Fix mock
2019-01-14 14:33:00 -08:00
Mariano Cano
7dc61bf233
Remove deprecated code
2019-01-11 19:13:06 -08:00
Mariano Cano
518b597535
Remove mTLS client requirement in /roots and /federation
2019-01-11 19:08:08 -08:00
Mariano Cano
9adc65febf
Add test for newTLSOptionCtx
2019-01-10 15:31:40 -08:00
Mariano Cano
1763ede99d
Add tests for new methods.
2019-01-10 13:19:51 -08:00
Mariano Cano
6116523055
Fix random order in tests.
2019-01-10 10:57:06 -08:00
Mariano Cano
8510e25b3b
Add test with bootstrap server.
2019-01-09 18:48:15 -08:00
Mariano Cano
f99ae9da93
Add root rotation test.
2019-01-09 17:55:32 -08:00
Mariano Cano
af9e6488fc
Make the renew test shorter.
2019-01-09 17:35:00 -08:00
Mariano Cano
25ddbaedff
Allow to customize the minimal cert duration for tests.
2019-01-09 17:24:11 -08:00
Mariano Cano
10aaece1b0
Update root certificates on renew.
2019-01-09 13:20:28 -08:00
Mariano Cano
6d3e8ed93c
Add all root certificates by default on bootstrap methods.
2019-01-07 18:55:40 -08:00
Mariano Cano
d296cf95a9
Add mTLS request to get all the root CAs, not the federated ones.
2019-01-07 17:48:56 -08:00
Mariano Cano
98cc243a37
Add support for multiple roots.
2019-01-07 15:30:28 -08:00
Mariano Cano
722bcb7e7a
Add initial support for federated root certificates.
2019-01-04 17:51:32 -08:00
Mariano Cano
37149ed3ea
Add method to get all the certs.
2019-01-04 16:51:37 -08:00
Sebastian Tiedtke
10978630e5
Simplify steps
2018-12-28 15:48:53 -08:00
Sebastian Tiedtke
90aabb0705
Minor fixes
2018-12-28 15:45:40 -08:00
Sebastian Tiedtke
c7b5a71f12
Fixed link
2018-12-28 15:32:08 -08:00
Mariano Cano
9e2fce2f4c
Merge pull request #18 from smallstep/mariano/audience
...
Do not require the port in the audience check.
2018-12-21 15:33:45 -08:00
Mariano Cano
7e95fc0e45
Strip ports on audience check.
...
Services might have proxies behind them so we cannot rely on them.
Fixes #17
2018-12-21 15:27:22 -08:00
Mariano Cano
9b87e08faf
Do not require the port in the audience check.
...
Fixes #17
2018-12-21 14:04:22 -08:00
Max
e5dff952de
Merge pull request #16 from nmelo/docs-fix-typos
...
Fix a couple typos in documentation and a formatting issue
2018-12-20 13:04:35 -08:00
Nelson Melo
d0c7ccd0db
ServetTLS => ServeTLS in function docs
2018-12-20 12:10:32 -05:00