Mariano Cano
4c8bf87dc1
Use new admin template for K8ssa and admin-OIDC provisioners.
...
This change replaces the .Insecure.CR template to one that sets
all the SANs, but uses key usages and extended key usages for
regular TLS certificates.
2020-09-21 12:49:16 -07:00
Mariano Cano
309d9ddcc4
Merge pull request #374 from smallstep/missing-token-ids
...
Create a hash of a token if a token id is empty.
2020-09-21 10:02:58 -07:00
Mariano Cano
d79b4e709e
Create a hash of a token if a token id is empty.
2020-09-18 16:25:08 -07:00
Mariano Cano
656315bd61
Merge pull request #371 from smallstep/bundle-awskms-init
...
Add step-awskms-init to the binary releases.
2020-09-18 11:12:26 -07:00
Mariano Cano
c2fd6a8421
Add step-awskms-init to the binary releases.
...
Fixes 332
2020-09-18 11:01:54 -07:00
Mariano Cano
4f3b24af8f
Merge pull request #370 from smallstep/yubi-management-key
...
Make the YubiKey management key configurable.
2020-09-17 16:15:24 -07:00
Mariano Cano
f100b2d0e3
Make the YubiKey management key configurable.
...
With this change the default management key is not required as the
user is able to set its own.
Fixes #323
2020-09-17 16:07:32 -07:00
Mariano Cano
a332c40530
Merge branch 'master' into cas
2020-09-17 14:46:52 -07:00
Mariano Cano
87bbcee239
Update go.sum
2020-09-17 11:17:46 -07:00
Mariano Cano
9573b47efb
Merge pull request #369 from acipia/master
...
avoid using yubikey attestation cert
2020-09-17 11:15:49 -07:00
max furman
3e874a1e72
Fix RHEL/CentOS install docs
2020-09-16 20:53:58 -07:00
Mariano Cano
884a6f5dd0
Skip test on CI.
2020-09-16 14:03:26 -07:00
Mariano Cano
91aa1e87f1
Do not use go 1.15 methods.
2020-09-16 13:51:49 -07:00
Mariano Cano
60515d92c5
Remove unnecessary properties.
2020-09-16 13:31:26 -07:00
Pierre Laden
692f7692a2
fix #2 indentation
2020-09-16 22:26:53 +02:00
Pierre Laden
290d5ee979
fix gofmt complain
2020-09-16 22:15:42 +02:00
Pierre Laden
179e793f1a
- provide PINpolicy always to piv-go to avoid trying to use attestation cert, which we might not have
...
- bump piv-go version to 1.6.0
2020-09-16 21:59:48 +02:00
Mariano Cano
f2dd5c48cc
Fix linting errors.
2020-09-16 12:41:43 -07:00
Mariano Cano
8957e5e5a2
Add missing tests
2020-09-16 12:34:42 -07:00
Mariano Cano
e146b3fe16
Add Unit tests for softcas.
2020-09-15 19:37:02 -07:00
Mariano Cano
1550a21f68
Fix unit tests.
2020-09-15 18:14:21 -07:00
Mariano Cano
e17ce39e3a
Add support for Revoke using CAS.
2020-09-15 18:14:03 -07:00
Mariano Cano
144ffe73dd
Complete unit tests for Google CAS.
2020-09-15 17:23:11 -07:00
Mariano Cano
f7d066fca8
Fix key usages.
2020-09-15 15:19:59 -07:00
Mariano Cano
01e6495f43
Add most of cloudcas unit tests and minor fixes.
2020-09-14 19:13:40 -07:00
Mariano Cano
8eff4e77a8
Comment request structs.
2020-09-14 19:12:49 -07:00
Mariano Cano
bd8dd9da41
Do not read issuer and signer twice.
2020-09-10 19:13:17 -07:00
Mariano Cano
aad8f9e582
Pass issuer and signer to softCAS options.
...
Remove commented code and initialize CAS properly.
Minor fixes in CloudCAS.
2020-09-10 19:09:46 -07:00
Mariano Cano
c8d9cb0a1d
Complete cloudcas using CAS v1beta1.
2020-09-10 16:19:18 -07:00
Max
946aedca92
Merge pull request #368 from gucchisk/error_message
...
Fix error message of bad request
2020-09-10 08:04:37 -07:00
gucchisk
4ad6be2680
Fix error message of bad request
2020-09-10 23:45:44 +09:00
Mariano Cano
1b1f73dec6
Early attempt to develop a CAS interface.
2020-09-08 19:26:32 -07:00
Carl Tashian
b792f9144f
Merge pull request #364 from smallstep/docker-tweaks
...
Update Dockerfile.step-ca to match best practices
2020-09-08 18:11:21 -07:00
Mariano Cano
276e307a1d
Add extra tests for CustomSSHTemplateOptions
2020-09-08 15:43:39 -07:00
Mariano Cano
3fc9124559
Merge pull request #366 from smallstep/max/ignore-null
...
Ignore `null` string for x509 and ssh templateData.
2020-09-08 15:42:58 -07:00
max furman
da9f0b09af
Ignore null
string for x509 and ssh templateData.
2020-09-08 13:59:22 -07:00
Carl Tashian
3b31c6d2f5
Change HEALTHCHECK
to use step ca health
. Change shell CMD exec
to skip redundant /bin/sh -c
2020-09-08 09:44:35 -07:00
Mariano Cano
81c6e01269
Fix unit test.
2020-09-04 11:16:17 -07:00
Mariano Cano
3ac0ef2eaa
Update crypto to v0.6.0
2020-09-02 18:08:24 -07:00
Mariano Cano
50d09c183b
Fix example and use ClientCAs.
...
Server trust client certificates using ClientCAs instead of RootCAs.
2020-09-02 15:10:11 -07:00
Carl Tashian
6ffc438ed1
Update Dockerfile.step-ca to match best practices
...
- See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
- Added a .dockerignore file to reduce the build context size
- Added a HEALTHCHECK (curl the CA)
2020-09-02 11:41:47 -07:00
Max
54e43604ff
Merge pull request #363 from smallstep/max/k8ssa
...
Standardize k8ssa check on issuer name
2020-09-01 13:20:27 -07:00
Mariano Cano
f3b65e54ac
Update go.step.sm to v0.5.0
...
Solves the problem of enforcing the signature algorithm. This
causes issues if the intermediate key is not an ECDSA key.
2020-09-01 12:44:46 -07:00
max furman
ce9af5c20f
Standardize k8ssa check on issuer name
2020-08-31 20:56:00 -07:00
max furman
925edaede2
revert to skip_cleanup in travis
2020-08-31 14:28:31 -07:00
Mariano Cano
8ee246edda
Upgrade go.step.sm to v0.4.0
2020-08-31 12:30:54 -07:00
Mariano Cano
ce5e1b4934
Fix merge issue.
2020-08-28 14:44:43 -07:00
Mariano Cano
35bd3ec383
Merge pull request #329 from smallstep/ssh-cert-templates
...
SSH cert templates
2020-08-28 14:42:58 -07:00
Mariano Cano
cef0475e71
Make clear what's a template/unsigned certificate.
2020-08-28 14:33:26 -07:00
Mariano Cano
4d375a06f5
Make clearer what's an unsigned cert.
2020-08-28 14:29:18 -07:00