TrueCloudLab/certificates
15
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions
987 commits 34 branches 199 tags 42 MiB
Commit graph

987 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mariano Cano
d13754166a Add support for cloudkms and softkms. 2020-01-09 18:41:13 -08:00
Mariano Cano
8a10c5032f
Merge pull request #150 from smallstep/backdate 
Add backdate support to the x509 and SSH certificates.
 2020-01-08 12:52:31 -08:00
Mariano Cano
77af30bfa3 Remove debug statement. 2020-01-08 11:46:33 -08:00
Mariano Cano
f46dc03111 Add tests of profileLimitDuration with backdate. 2020-01-06 14:34:59 -08:00
Mariano Cano
165a91858e Add tests for backdate and sshDefaultDuration 2020-01-06 14:21:13 -08:00
Mariano Cano
7e33aeb8d3 Add unit test for profileDefaultDuration. 2020-01-06 12:19:00 -08:00
Mariano Cano
f06db4099e Add backdate support on ssh rekey. 2020-01-03 18:30:17 -08:00
Mariano Cano
935d0d4542 Add support for backdate to SSH certificates. 2020-01-03 18:22:52 -08:00
Mariano Cano
64e0a2ca6f Disable backdata on ca tests. 2020-01-03 18:16:45 -08:00
Mariano Cano
76c14560b0 Use errs package for HTTP errors. 2020-01-03 17:41:16 -08:00
Mariano Cano
50717b3ffa Update assert package. 2020-01-03 13:27:45 -08:00
Mariano Cano
e67ccd9e3d Add fault tolerance against clock skew accross system on TLS certificates. 2020-01-02 17:48:28 -08:00
max furman
967e86a48b Simplify trimming *. prefix of domain in acme dns validation. 2019-12-20 13:32:44 -08:00
Max
37d33968f1
Merge pull request #146 from anxolerd/normalize-wildcard 
Perform domain normalization for wildcard domains
 2019-12-20 13:29:24 -08:00
Oleksandr Kovalchuk
ec8ff0bced
Add testcase which ensures we pass correct domain to lookupTxt 
Make sure we do not pass domains with asterisk (wildcard) in the middle,
like _acme-challenge.*.example.com to lookupTxt function, but preprocess
domain and remove leading wildcard so we lookup for
_acme-challenge.example.com.
 2019-12-20 22:54:41 +02:00
Oleksandr Kovalchuk
46832bb9b3
Remove superflurous Printf statement 
The statement was used for debug purposes and should not be included in
the final build
 2019-12-20 22:22:12 +02:00
Oleksandr Kovalchuk
a995cca418
Perform domain normalization for wildcard domains 
Perform domain normalization for wildcard domains, so we do query
TXT records for _acme-challenge.example.domain instead of
_acme-challenge.*.example.domain when performing DNS-01 challenge. In
this way the behavior is consistent with letsencrypt and records queried
are in sync with the ones that are shown in certbot manual mode.
 2019-12-20 19:17:53 +02:00
Mariano Cano
1fa35491ea Update cli dependency. 2019-12-18 14:44:59 -08:00
Mariano Cano
eeabf5ba4c Fix tests. 2019-12-18 14:44:08 -08:00
Mariano Cano
a6deea7d8d Renew identity certificate in /ssh/rekey and /ssh/renew 2019-12-18 14:43:38 -08:00
Mariano Cano
0b5d37b284 Add method to just write the identity certificate. 2019-12-18 14:39:01 -08:00
Mariano Cano
839fe6b952 Add method to renew the identity. 2019-12-18 12:46:46 -08:00
max furman
aa58940582 Should be returning nil from applyIdentity if cert expired. 2019-12-17 15:53:37 -08:00
max furman
6200aeaad0 cli dep update 2019-12-17 14:39:08 -08:00
Max
bd6eca6342
Merge pull request #145 from smallstep/err 2019-12-17 14:33:48 -08:00
max furman
e5a8629a21 updating dependencies 2019-12-17 14:31:22 -08:00
max furman
cb78a087d5 Update cli dep 2019-12-17 14:30:18 -08:00
max furman
f9ef5070f9 Move api errors to their own package and modify the typedef 2019-12-17 14:26:02 -08:00
Mariano Cano
6d6f496331 Allow no provisioners. 2019-12-16 11:22:24 -08:00
Mariano Cano
ba11f6acb7 Update dependencies. 2019-12-13 13:59:11 -08:00
Mariano Cano
d210082113 Use new version of nosql. 2019-12-13 13:56:56 -08:00
Mariano Cano
7ecb831e07 Add wrappers to identity methods in the ca package. 2019-12-12 13:16:17 -08:00
Mariano Cano
3f71b8debd Add mTLS test for identity client. 2019-12-12 12:48:34 -08:00
Mariano Cano
3717c7a8d3 Improve identity tests. 2019-12-12 12:23:53 -08:00
Mariano Cano
0d9a9e083e Add identity client and move identity to a new package. 2019-12-11 20:23:44 -08:00
Mariano Cano
89b216c21e Fix test. 2019-12-11 18:24:32 -08:00
Mariano Cano
96b6989658 Addapt test to api change. 2019-12-11 18:21:20 -08:00
Mariano Cano
bde29b1bbd Addapt tests to the api change. 2019-12-11 18:18:13 -08:00
Mariano Cano
28b08ef46b Fail silently if the identity fails. 2019-12-11 16:27:37 -08:00
Mariano Cano
401fc20e96 Re-enable profiler. 2019-12-11 16:27:37 -08:00
max furman
623be4ef09 update cli dep 2019-12-11 14:56:50 -08:00
Max
1f42637ba1
Merge pull request #143 from smallstep/expired-cert 
Expired cert
 2019-12-11 14:55:21 -08:00
max furman
1e17ec7d33 Use x5cInsecure token for /ssh/check-host endpoint 2019-12-11 14:54:29 -08:00
Mariano Cano
7fe1eb8686 Add GetTransport to client. 2019-12-10 16:34:24 -08:00
Mariano Cano
e841a86b48 Make sure to define the KeyID from the token if available. 2019-12-10 16:34:01 -08:00
Mariano Cano
014d2c7ccd Go mod tidy. 2019-12-10 13:41:06 -08:00
Mariano Cano
40ec0b435a Add method to create an ssh token. 2019-12-10 13:40:14 -08:00
Mariano Cano
8eeb82d0ce Store renew certificate in the database. 2019-12-10 13:10:45 -08:00
Mariano Cano
50152391a3 Add leeway in identity not before. 2019-12-09 16:55:25 -08:00
max furman
2676d525c4 redundant variable type def 2019-12-09 12:54:32 -08:00