Mariano Cano
d0086fe9ba
Merge pull request #375 from smallstep/admin-templates
...
Use new admin template for K8ssa and admin-OIDC provisioners.
2020-09-21 13:58:09 -07:00
Mariano Cano
4c8bf87dc1
Use new admin template for K8ssa and admin-OIDC provisioners.
...
This change replaces the .Insecure.CR template to one that sets
all the SANs, but uses key usages and extended key usages for
regular TLS certificates.
2020-09-21 12:49:16 -07:00
Mariano Cano
309d9ddcc4
Merge pull request #374 from smallstep/missing-token-ids
...
Create a hash of a token if a token id is empty.
2020-09-21 10:02:58 -07:00
Mariano Cano
d79b4e709e
Create a hash of a token if a token id is empty.
2020-09-18 16:25:08 -07:00
Mariano Cano
656315bd61
Merge pull request #371 from smallstep/bundle-awskms-init
...
Add step-awskms-init to the binary releases.
2020-09-18 11:12:26 -07:00
Mariano Cano
c2fd6a8421
Add step-awskms-init to the binary releases.
...
Fixes 332
2020-09-18 11:01:54 -07:00
Mariano Cano
4f3b24af8f
Merge pull request #370 from smallstep/yubi-management-key
...
Make the YubiKey management key configurable.
2020-09-17 16:15:24 -07:00
Mariano Cano
f100b2d0e3
Make the YubiKey management key configurable.
...
With this change the default management key is not required as the
user is able to set its own.
Fixes #323
2020-09-17 16:07:32 -07:00
Mariano Cano
87bbcee239
Update go.sum
2020-09-17 11:17:46 -07:00
Mariano Cano
9573b47efb
Merge pull request #369 from acipia/master
...
avoid using yubikey attestation cert
2020-09-17 11:15:49 -07:00
max furman
3e874a1e72
Fix RHEL/CentOS install docs
2020-09-16 20:53:58 -07:00
Pierre Laden
692f7692a2
fix #2 indentation
2020-09-16 22:26:53 +02:00
Pierre Laden
290d5ee979
fix gofmt complain
2020-09-16 22:15:42 +02:00
Pierre Laden
179e793f1a
- provide PINpolicy always to piv-go to avoid trying to use attestation cert, which we might not have
...
- bump piv-go version to 1.6.0
2020-09-16 21:59:48 +02:00
Max
946aedca92
Merge pull request #368 from gucchisk/error_message
...
Fix error message of bad request
2020-09-10 08:04:37 -07:00
gucchisk
4ad6be2680
Fix error message of bad request
2020-09-10 23:45:44 +09:00
Carl Tashian
b792f9144f
Merge pull request #364 from smallstep/docker-tweaks
...
Update Dockerfile.step-ca to match best practices
2020-09-08 18:11:21 -07:00
Mariano Cano
276e307a1d
Add extra tests for CustomSSHTemplateOptions
2020-09-08 15:43:39 -07:00
Mariano Cano
3fc9124559
Merge pull request #366 from smallstep/max/ignore-null
...
Ignore `null` string for x509 and ssh templateData.
2020-09-08 15:42:58 -07:00
max furman
da9f0b09af
Ignore null
string for x509 and ssh templateData.
2020-09-08 13:59:22 -07:00
Carl Tashian
3b31c6d2f5
Change HEALTHCHECK
to use step ca health
. Change shell CMD exec
to skip redundant /bin/sh -c
2020-09-08 09:44:35 -07:00
Mariano Cano
81c6e01269
Fix unit test.
2020-09-04 11:16:17 -07:00
Mariano Cano
3ac0ef2eaa
Update crypto to v0.6.0
2020-09-02 18:08:24 -07:00
Mariano Cano
50d09c183b
Fix example and use ClientCAs.
...
Server trust client certificates using ClientCAs instead of RootCAs.
2020-09-02 15:10:11 -07:00
Carl Tashian
6ffc438ed1
Update Dockerfile.step-ca to match best practices
...
- See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
- Added a .dockerignore file to reduce the build context size
- Added a HEALTHCHECK (curl the CA)
2020-09-02 11:41:47 -07:00
Max
54e43604ff
Merge pull request #363 from smallstep/max/k8ssa
...
Standardize k8ssa check on issuer name
2020-09-01 13:20:27 -07:00
Mariano Cano
f3b65e54ac
Update go.step.sm to v0.5.0
...
Solves the problem of enforcing the signature algorithm. This
causes issues if the intermediate key is not an ECDSA key.
2020-09-01 12:44:46 -07:00
max furman
ce9af5c20f
Standardize k8ssa check on issuer name
2020-08-31 20:56:00 -07:00
max furman
925edaede2
revert to skip_cleanup in travis
2020-08-31 14:28:31 -07:00
Mariano Cano
8ee246edda
Upgrade go.step.sm to v0.4.0
2020-08-31 12:30:54 -07:00
Mariano Cano
ce5e1b4934
Fix merge issue.
2020-08-28 14:44:43 -07:00
Mariano Cano
35bd3ec383
Merge pull request #329 from smallstep/ssh-cert-templates
...
SSH cert templates
2020-08-28 14:42:58 -07:00
Mariano Cano
cef0475e71
Make clear what's a template/unsigned certificate.
2020-08-28 14:33:26 -07:00
Mariano Cano
4d375a06f5
Make clearer what's an unsigned cert.
2020-08-28 14:29:18 -07:00
Mariano Cano
b7269b6579
Fix comment.
2020-08-28 14:22:13 -07:00
Mariano Cano
193d18ee21
Hide unnecessary error.
2020-08-25 18:14:36 -07:00
Mariano Cano
ef86bedb2c
Upgrade go.step.sm dependency to v0.3.0
2020-08-25 11:46:04 -07:00
Mariano Cano
c94a1c51be
Merge branch 'master' into ssh-cert-templates
2020-08-24 15:08:28 -07:00
Mariano Cano
ba918100d0
Use go.step.sm/crypto/jose
...
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
Mariano Cano
896a7a508f
Merge pull request #357 from Dennis14e/patch-1
...
README: Fix url to step cli tool
2020-08-24 11:49:42 -07:00
Max
f3e4ee2aa3
Merge pull request #359 from smallstep/max/csr-no-subject-test
...
Remove unused code; fix usage wrong word; add gap time for unit test
2020-08-21 09:52:23 -07:00
max furman
46fc922afd
Remove unused code; fix usage wrong word; add gap time for unit test
2020-08-20 18:48:17 -07:00
Mariano Cano
03d642e59c
Update go.step.sm/crypto to v0.2.0
...
Fixes #302
2020-08-20 16:02:45 -07:00
max furman
81875074e3
tie -> the in comment
2020-08-20 15:15:15 -07:00
Dennis Neufeld
43833e54f0
README: Fix url to step cli tool
2020-08-20 16:43:05 +02:00
Mariano Cano
3f660ff07e
Merge pull request #354 from smallstep/bundle-awskms-init
...
Add step-awskms-init into the builds.
2020-08-19 13:41:57 -07:00
Mariano Cano
ffedccf439
Add step-awskms-init into the builds.
2020-08-19 13:21:14 -07:00
Carl Tashian
6a98de943d
Merge pull request #353 from smallstep/docker-buildx
...
Small changes to docker/travis
2020-08-19 10:40:46 -05:00
Carl Tashian
066017ae81
revert debian/changelog
2020-08-18 17:38:16 -07:00
Carl Tashian
821a464ae5
Remove docker testing from makefile
2020-08-18 17:27:38 -07:00