Mariano Cano
062edcdfb4
Fix unexpected error.
2020-11-18 16:57:24 -08:00
Mariano Cano
9607eddd6a
Remove unused code.
2020-11-18 16:57:24 -08:00
Mariano Cano
fcaaab94a4
Add method to create a CertificateAuthorityResponse.
2020-11-18 16:57:24 -08:00
Mariano Cano
a3f729fc28
Add support for local signing or cloudCAS intermediates.
2020-11-18 16:57:24 -08:00
Mariano Cano
fe7db340b0
Update go.step.sm/crypto dependency.
2020-11-18 16:57:24 -08:00
Mariano Cano
5deca85b14
Add initial support for step ca init
with cloud cas.
...
Fixes smallstep/cli#363
2020-11-18 16:57:24 -08:00
Anton Lundin
3e6137110b
Add support for using ssh-agent as a KMS
...
This adds a new KMS, SSHAgentKMS, which is a KMS to provide signing keys
for issuing ssh certificates signed by a key managed by a ssh-agent. It
uses the golang.org/x/crypto package to get a native Go implementation
to talk to a ssh-agent.
This was primarly written to be able to use gpg-agent to provide the
keys stored in a YubiKeys openpgp interface, but can be used for other
setups like proxying a ssh-agent over network.
That way the signing key for ssh certificates can be kept in a
"sign-only" hsm.
This code was written for my employer Intinor AB, but for simplicity
sake gifted to me to contribute upstream.
Signed-off-by: Anton Lundin <glance@acc.umu.se>
2020-11-04 09:06:23 +01:00
Max
5a1e44a399
Merge pull request #411 from smallstep/docs-links
...
Update READMEs with links to new docs
2020-10-30 10:58:28 -07:00
Mariano Cano
c9c31e2033
Merge pull request #414 from smallstep/cli-utils
...
Use smallstep/cli-utils instead of smallstep/cli
2020-10-29 16:43:52 -07:00
Mariano Cano
b79701202b
Use cli-utils@v0.1.0
2020-10-29 15:07:14 -07:00
Mariano Cano
40d0596b71
Use smallstep/cli-utils instead of smallstep/cli
2020-10-29 13:10:03 -07:00
Mariano Cano
680898c0d4
Merge pull request #412 from smallstep/aws-certs
...
AWS Certificates
2020-10-29 10:11:04 -07:00
Mariano Cano
39b23c057d
Add all AWS certificates used to verify base64 signatures.
2020-10-28 17:47:44 -07:00
Carl Tashian
80beff6ce3
Update READMEs with links to new docs
2020-10-27 16:20:45 -07:00
Mariano Cano
fb18e5afc4
Merge pull request #407 from ndom91/patch-1
...
Update provisioners.md
2020-10-25 12:07:04 -07:00
Nico Domino
8aae8a6153
Update provisioners.md
...
Swapped markdown URL / Text
2020-10-25 10:52:23 +01:00
max furman
81a0df9e45
go mod tidy
2020-10-21 20:42:23 -07:00
max furman
bf45e6ff16
Bump cli to v0.15.3
2020-10-21 16:40:06 -07:00
max furman
03c1eaa8a5
update year on debian copyright
2020-10-20 22:45:00 -07:00
max furman
3f4d041082
bump cli to master
2020-10-20 22:38:59 -07:00
Max
711aafc1d5
Merge pull request #403 from smallstep/max/acme-lock
...
[acme] Use lock for ordersByAccID and type to house methods
2020-10-20 22:35:11 -07:00
Mariano Cano
426f846974
Merge pull request #402 from smallstep/ra-init
...
Add support for CloudCAS on step ca init
2020-10-20 18:00:23 -07:00
max furman
4c48048615
Use sync.Mutex as value
2020-10-20 17:56:15 -07:00
max furman
272cce522e
Fix test and change method name
2020-10-20 17:18:20 -07:00
max furman
f34fb80eb6
[acme] Use lock for ordersByAccID and type to house methods
2020-10-20 16:25:16 -07:00
Mariano Cano
341dc1c3ea
Remove merge data.
2020-10-19 18:55:30 -07:00
Mariano Cano
6a818ebc92
Merge branch 'master' into ra-init
2020-10-19 18:53:55 -07:00
Mariano Cano
2654231c49
Update option property.
2020-10-19 18:47:36 -07:00
Mariano Cano
9f21813dd6
Rename option.
2020-10-19 18:44:27 -07:00
Mariano Cano
2ec0c24e98
Update docs for RA.
2020-10-19 18:43:11 -07:00
Mariano Cano
d46990d4c4
Add support for step ca init with a RA.
2020-10-19 18:42:03 -07:00
Mariano Cano
ef92a3a6d7
Move cas options under authority.
2020-10-19 18:08:51 -07:00
Mariano Cano
6049d42b5f
Change title to match with CAS
2020-10-19 11:30:00 -07:00
Mariano Cano
6838233416
Merge pull request #395 from smallstep/aws-identity-cert
...
Add option to specify the AWS IID certificates to use.
2020-10-15 17:14:20 -07:00
Mariano Cano
6a7b564ef9
Unify indent type.
...
This change changes the indentation used by `step ca init` to be
consistent with Config.Save used by `step ca provisioner *`.
2020-10-13 18:53:45 -07:00
Mariano Cano
7d1686dc53
Add option to specify the AWS IID certificates to use.
...
This changes adds a new option `iidRoots` that allows a user to
define one or more certificates that will be used for AWS IID
signature validation.
Fixes #393
2020-10-13 17:51:24 -07:00
Mariano Cano
647b9b4541
Merge pull request #367 from smallstep/cas
...
Support for CAS Interface and CloudCAS
2020-10-05 18:09:01 -07:00
Mariano Cano
3e0ab8fba7
Fix typo.
2020-10-05 18:00:50 -07:00
Mariano Cano
d64427487d
Add comment about the missing error check.
2020-10-05 17:39:44 -07:00
Mariano Cano
8381e9bd17
Fix typos.
2020-10-05 17:20:22 -07:00
Carl Tashian
329f401e58
Update cas.md
...
Needed to run two commands to set up IAM roles because passing `--role` twice only uses the second value passed.
2020-09-29 15:46:53 -07:00
Carl Tashian
3f55f22b2e
Update cas.md
...
Added `--location` flag to a couple of the commands
2020-09-29 15:24:15 -07:00
Carl Tashian
c963883d60
Merge pull request #377 from smallstep/gh-discussions
...
Change Gitter links to GH Discussions tab
2020-09-28 14:10:12 -07:00
Mariano Cano
7d779e12db
Change service account name.
2020-09-24 12:45:19 -07:00
Mariano Cano
52d857a302
Update CloudCAS instructions.
2020-09-24 12:43:25 -07:00
Mariano Cano
066c7ee10b
Fix iam permissions.
2020-09-24 12:37:29 -07:00
Carl Tashian
fd07e25e61
Change Gitter links to GH Discussions tab
2020-09-23 16:36:37 -07:00
Mariano Cano
42ce78ed43
Add initial docs for CAS.
2020-09-22 13:32:48 -07:00
Mariano Cano
072adc906e
Print root fingerprint for CloudCAS.
2020-09-22 13:23:48 -07:00
Mariano Cano
8e6d7accf8
Do not add the CRL distribution points extension.
...
This extension is added by CloudCAS.
2020-09-21 17:09:46 -07:00