TrueCloudLab/certificates
15
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions
3420 commits 34 branches 199 tags 42 MiB
Commit graph

3420 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mariano Cano
c2c246b062
Merge pull request #1265 from smallstep/check-csr-acme-da 
Verify CSR key fingerprint with attestation certificate key
 2023-02-14 09:34:48 -08:00
Max
ff7b8830fe
Merge pull request #1273 from smallstep/max/dependabot-auto-merge 
enable auto merge for dependabot PRs
 2023-02-13 22:56:50 -08:00
max furman
74e6245e90
enable auto merge for dependabot PRs 2023-02-13 17:06:00 -08:00
Mariano Cano
5ff0dde819
Remove json tag in acme.Authorization fingerprint 2023-02-10 13:58:52 -08:00
Mariano Cano
da95c44943
Fix lint issue with Go 1.20 2023-02-09 17:02:35 -08:00
Mariano Cano
6ba20209c2
Verify CSR key fingerprint with attestation certificate key 
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
 2023-02-09 16:48:43 -08:00
Carl Tashian
ec3be2359a
Merge pull request #1262 from micheljung/patch-1 
Add DOCKER_STEPCA_INIT_ADDRESS
 2023-02-08 16:46:36 -08:00
Michel Jung
ebe7e5d019
Add DOCKER_STEPCA_INIT_ADDRESS 
This allows configuring "--address" instead of using hard-coded :9000
 2023-02-08 22:22:45 +01:00
Max
03cb74a449
Merge pull request #1259 from smallstep/dependabot/go_modules/google.golang.org/api-0.109.0 
Bump google.golang.org/api from 0.108.0 to 0.109.0
 2023-02-06 09:29:39 -08:00
dependabot[bot]
c9814be699
Bump google.golang.org/api from 0.108.0 to 0.109.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.108.0 to 0.109.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.108.0...v0.109.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-06 15:10:38 +00:00
Mariano Cano
3c76834807
Merge pull request #1254 from smallstep/changelog-v0.23.2 
Add changelog for v0.23.2
 2023-02-02 15:04:07 -08:00
Mariano Cano
6be15819d6
Add new entries to changelog 2023-02-02 14:54:11 -08:00
Herman Slatman
da00046a61
Merge pull request #1235 from smallstep/herman/acme-da-subject-check 
Improve validation and error messages for Orders with Permanent Identifier
 2023-02-02 23:50:40 +01:00
Mariano Cano
2cef8d10ee
Add changelog for v0.23.2 2023-02-02 14:48:34 -08:00
Carl Tashian
067f9c9a5f
Merge pull request #1252 from smallstep/carl/startup-noconfig-msg 
Helpful message on CA startup when config can't be opened
 2023-01-31 17:18:24 -08:00
Herman Slatman
3a6fc5e0b4
Remove dependency on smallstep/assert in ACME challenge tests 2023-01-31 23:49:34 +01:00
Herman Slatman
0f1c509e4b
Remove debug utility 2023-01-31 23:48:53 +01:00
Carl Tashian
b76028f3ba
Update commands/app.go 
Co-authored-by: Mariano Cano <mariano@smallstep.com>
 2023-01-31 14:39:29 -08:00
Carl Tashian
1c59b3f132
Fix linting error 2023-01-31 12:38:46 -08:00
Carl Tashian
50b4011b03
Move to commands/app.go 2023-01-31 12:32:56 -08:00
Mariano Cano
40538d8224
Merge pull request #1251 from smallstep/pidfile 
Add pidfile flag
 2023-01-31 12:16:00 -08:00
Carl Tashian
4b7fa2524d
Closes #1248 2023-01-31 12:10:59 -08:00
Mariano Cano
0df942b8f6
Add pidfile flag 
This commit adds an optional flag --pidfile which allows to pass
a filename where step-ca will write its process id.

Fixes #754
 2023-01-31 12:04:06 -08:00
Max
972bfb9689
Merge pull request #1250 from smallstep/max/scoop 
Add scoop back to goreleaser
 2023-01-31 11:30:33 -08:00
max furman
e741c60afb
Add scoop back to goreleaser 2023-01-31 11:25:16 -08:00
Carl Tashian
dd9b97221e
Merge pull request #1246 from smallstep/carl/fix-release-linktitle 
Fixed the arch of the filename in the windows release artifact
 2023-01-30 13:28:25 -08:00
Carl Tashian
ed4af06a56
Fixed the arch of the filename in the windows release artifact 2023-01-30 13:26:59 -08:00
Mariano Cano
197b79bb48
Merge pull request #1243 from smallstep/remove-deprecated-binaries 
Add step-kms-plugin to docker images and build a CGO based one
 2023-01-30 11:30:35 -08:00
Max
0c5e7f1b5c
Merge pull request #1245 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.2 
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
 2023-01-30 09:39:43 -08:00
Max
d79e1343ae
Merge pull request #1244 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.3 
Bump google.golang.org/grpc from 1.52.0 to 1.52.3
 2023-01-30 09:38:15 -08:00
dependabot[bot]
9a539f22fc
Bump go.step.sm/crypto from 0.23.1 to 0.23.2 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.23.1 to 0.23.2.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.23.1...v0.23.2)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 15:14:01 +00:00
dependabot[bot]
c32e84b436
Bump google.golang.org/grpc from 1.52.0 to 1.52.3 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.52.0 to 1.52.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.52.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 15:13:21 +00:00
Herman Slatman
0f9128c873
Fix linting issue and order of test SUT 2023-01-27 15:43:57 +01:00
Herman Slatman
2ab9beb7ed
Add tests for deviceAttest01Validate 2023-01-27 15:36:48 +01:00
Mariano Cano
3b1be62663
Add step-kms-plugin to docker images and build a CGO based one 2023-01-26 16:52:19 -08:00
Herman Slatman
7c632629dd
Merge branch 'master' into herman/acme-da-subject-check 2023-01-26 15:52:45 +01:00
Herman Slatman
ed61c5df5f
Cleanup some leftover debug statements 2023-01-26 15:36:15 +01:00
Herman Slatman
60a9e41c1c
Remove Identifier from top level ACME Errors 2023-01-26 14:59:08 +01:00
Herman Slatman
edee01c80c
Refactor debug utility 2023-01-26 13:41:01 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem for more detailed ACME client-side errors 
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.

This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
 2023-01-26 13:29:31 +01:00
Mariano Cano
4bb25d4a52
Merge pull request #1240 from smallstep/remove-deprecated-binaries 
Remove deprecated binaries
 2023-01-24 11:16:50 -08:00
Mariano Cano
39f46d31b9
Remove deprecated binaries 
This commit removes the following deprecated binaries:

 - step-awskms-init
 - step-cloudkms-init
 - step-pkcs11-init
 - step-yubikey-init

From now on step and step-kms-plugin should be used to initialize the
PKI in AWS KMS, GCP KMS, PKCS#11 modules or YubiKeys.

A future commit will add step-kms-plugin to the docker images of
step-ca.

Fixes #1046
 2023-01-23 16:30:55 -08:00
Max
fc452e560c
Merge pull request #1236 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.3 
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
 2023-01-23 12:15:22 -08:00
Max
4621b95f38
Merge pull request #1237 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.12 
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
 2023-01-23 12:12:38 -08:00
Max
2d174472e7
Merge pull request #1238 from smallstep/dependabot/go_modules/google.golang.org/api-0.108.0 
Bump google.golang.org/api from 0.107.0 to 0.108.0
 2023-01-23 12:07:26 -08:00
Max
3a6e90498c
Merge pull request #1239 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.3 
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3
 2023-01-23 12:06:47 -08:00
dependabot[bot]
cb8a2ee69f
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3 
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-23 15:07:04 +00:00
dependabot[bot]
626a3a87b4
Bump google.golang.org/api from 0.107.0 to 0.108.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.107.0 to 0.108.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.107.0...v0.108.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-23 15:06:54 +00:00
dependabot[bot]
925a228656
Bump github.com/urfave/cli from 1.22.11 to 1.22.12 
Bumps [github.com/urfave/cli](https://github.com/urfave/cli) from 1.22.11 to 1.22.12.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v1.22.11...v1.22.12)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-23 15:06:37 +00:00
dependabot[bot]
07fd03c3f3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.20.2 to 3.20.3.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.2...v3.20.3)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-23 15:06:26 +00:00