Mariano Cano
|
d30a95236d
|
Use always go.step.sm/crypto
|
2020-08-14 15:33:50 -07:00 |
|
Mariano Cano
|
533ad0ca20
|
Use always go.step.sm/crypto/x509util
|
2020-08-11 17:59:33 -07:00 |
|
max furman
|
1951669e13
|
wip
|
2020-06-23 11:10:45 -07:00 |
|
max furman
|
1cb8bb3ae1
|
Simplify statuscoder error generators.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
dccbdf3a90
|
Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
9aafe265d0
|
Should be returning nil from applyIdentity if cert expired.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
b9f6aacb0f
|
Move api errors to their own package and modify the typedef
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
65b4dda420
|
Add wrappers to identity methods in the ca package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
d85386d0b4
|
Add identity client and move identity to a new package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
c6f6493bb7
|
Fail silently if the identity fails.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
3ac388612a
|
Use x5cInsecure token for /ssh/check-host endpoint
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
ab126d6405
|
Add GetTransport to client.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
d2b1f1547f
|
Create a custom client that sends a custom User-Agent.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
5d7829b198
|
Replace /ssh/get-hosts to /ssh/hosts
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
2fe07cd79c
|
Fix tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
85d3843968
|
Add Identity helpers.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
50188fc901
|
Add version support to the ca.Client.
|
2020-01-28 13:28:17 -08:00 |
|
Mariano Cano
|
db3b795eea
|
Fix directory permissions.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
bbaf8e106e
|
Support for retry and identity files.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d555f310dc
|
Add support for identity authentication.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
f9e5b27e63
|
Add client method for SSHBastion
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
29853ae016
|
sshpop provisioner + ssh renew | revoke | rekey first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
862d704f6b
|
get-hosts fixes
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
5616386eed
|
Add SSH getHosts api
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
b8817ad648
|
Add proxycommand and new lines to templates.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
37f17213bb
|
Add initial support for check-host endpoint.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d08db4df23
|
Rename SSH methods.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
b5bc249e1c
|
Add support for multiple ssh roots.
Fixes #125
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
a35988ff08
|
Add initial support for ssh config.
Related to smallstep/cli#170
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
961be1fbc7
|
Add endpoint to return the SSH public keys.
Related to smallstep/ca-component#195
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
10e7b81b9f
|
Merge branch 'master' into ssh-ca
|
2019-09-05 23:06:01 +02:00 |
|
max furman
|
635c59ed24
|
Accept emails SANs
|
2019-08-23 15:59:30 -07:00 |
|
Mariano Cano
|
1c8f610ca9
|
Add initial implementation of an SSH CA using the JWK provisioner.
Fixes smallstep/ca-component#187
|
2019-07-23 18:46:43 -07:00 |
|
Mariano Cano
|
f9e2ea9bd6
|
Revert "Do not depend on config package."
This reverts commit cc1c6f2cb4 .
|
2019-06-18 14:44:19 -07:00 |
|
Mariano Cano
|
cc1c6f2cb4
|
Do not depend on config package.
Config package will panic if it cannot create the step path folder.
|
2019-06-18 13:16:23 -07:00 |
|
Mariano Cano
|
01b6aebbf7
|
Make provisioner more configurable.
The intention of this change is to make it usable from cert-manager.
|
2019-06-17 19:01:04 -07:00 |
|
Mariano Cano
|
43c5831582
|
Merge branch 'master' into step-sds
|
2019-04-11 11:47:20 -07:00 |
|
max furman
|
ab4d569f36
|
Add /revoke API with interface db backend
|
2019-04-10 13:50:35 -07:00 |
|
Mariano Cano
|
888ef147fa
|
Expose a way to update the transport.
|
2019-04-03 19:37:12 -07:00 |
|
Mariano Cano
|
5ce5a891f7
|
Add email SAN with email parameter in the JWK
|
2019-03-06 17:01:12 -08:00 |
|
Mariano Cano
|
262a9d0978
|
Merge pull request #27 from smallstep/mariano/renew-pool
SDK should update certificate pools safely
|
2019-02-06 16:56:38 -08:00 |
|
max furman
|
3415a1fef8
|
move SplitSANs to cli
|
2019-02-05 19:32:01 -08:00 |
|
max furman
|
6937bfea7b
|
claims.SANS -> claims.SANs
|
2019-02-04 20:22:02 -08:00 |
|
Mariano Cano
|
4c9dccd3f6
|
Allow multiple certificates in the root pem.
|
2019-02-04 10:29:52 -08:00 |
|
max furman
|
f0683c2e0a
|
Enable signing certificates with custom SANs
* validate against SANs in token. must be 1:1 equivalent.
|
2019-01-30 18:21:03 -06:00 |
|
Mariano Cano
|
dbd1bf11f1
|
Rename variable.
|
2019-01-14 17:35:38 -08:00 |
|
Mariano Cano
|
7dc61bf233
|
Remove deprecated code
|
2019-01-11 19:13:06 -08:00 |
|
Mariano Cano
|
518b597535
|
Remove mTLS client requirement in /roots and /federation
|
2019-01-11 19:08:08 -08:00 |
|
Mariano Cano
|
d296cf95a9
|
Add mTLS request to get all the root CAs, not the federated ones.
|
2019-01-07 17:48:56 -08:00 |
|
Mariano Cano
|
722bcb7e7a
|
Add initial support for federated root certificates.
|
2019-01-04 17:51:32 -08:00 |
|