Mariano Cano
ba0b170818
Attempt to fix TestBootstrapClientServerRotation
...
This change attempts to fix the test TestBootstrapClientServerRotation.
Due to the backdate, the renew options get too large, causing
continuous renewals, and random errors. After experimenting with
different options, truncating durations to seconds have shown better
results than rounding or just use the plain time.
2022-03-23 19:14:28 -07:00
Mariano Cano
ad8a813abe
Fix linter errors
2022-03-21 16:53:57 -07:00
Panagiotis Siatras
e6b2359273
ca: fixed import statement order
2022-03-18 20:21:01 +02:00
Panagiotis Siatras
9ba33bab4e
ca: refactored to use the read package
2022-03-18 20:21:00 +02:00
Mariano Cano
915911efb6
Disable http loggers in test.
...
They hide the test that fail on tests in the CI.
2022-03-15 12:26:00 -07:00
Mariano Cano
ead742ca0f
Fix unit test
2022-03-15 12:13:01 -07:00
Mariano Cano
6dcde8a743
Fix typo
2022-03-11 15:22:53 -08:00
Mariano Cano
a4dd586a81
Add method to get the CA url from the client.
2022-03-11 15:13:39 -08:00
Mariano Cano
616490a9c6
Refactor renew after expiry token authorization
...
This changes adds a new authority method that authorizes the
renew after expiry tokens.
2022-03-10 20:21:01 -08:00
Mariano Cano
41ea67ce10
Attempt to fix a bootstrap tests
2022-03-10 13:01:31 -08:00
Herman Slatman
4ebf43c011
Merge pull request #820 from smallstep/herman/acme-api
...
Refactor ACME Admin API
2022-02-10 13:11:44 +01:00
Herman Slatman
5cb23c6029
Merge pull request #804 from smallstep/herman/normalize-ipv6-dns-names
...
Normalize IPv6 hostname addresses
2022-02-09 11:25:24 +01:00
Herman Slatman
d00729df0b
Refactor ACME Admin API
2022-02-08 13:26:30 +01:00
Chris Crook
11637b5793
Add descriptive provisioner JWK decryption error messages
...
Wrap other errors in decryption process with more helpful messaging. This should help users troubleshoot misconfiguration more easily.
Fixes #816
2022-02-04 17:53:58 -05:00
Herman Slatman
bfa2245abb
Merge branch 'master' into herman/normalize-ipv6-dns-names
2022-02-03 17:24:08 +01:00
Herman Slatman
c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes
2022-01-31 13:20:16 +01:00
Herman Slatman
fd9845e9c7
Add cursor and limit to ACME EAB DB interface
2022-01-24 14:03:56 +01:00
Herman Slatman
716b946e7a
Normalize IPv6 hostname addresses
2022-01-19 17:14:45 +01:00
Herman Slatman
64680bb16d
Fix PR comments
2022-01-19 11:31:33 +01:00
Herman Slatman
3612eefc31
Cleanup
2022-01-18 15:54:18 +01:00
Herman Slatman
9c6580ccd2
Fix macOS SCEP client issues
...
Fixes #746
2022-01-14 10:48:23 +01:00
Herman Slatman
30859d3c83
Remove server-side paging logic for ExternalAccountKeys
2022-01-06 14:09:35 +01:00
Herman Slatman
6929e31fe0
Merge branch 'master' into hs/acme-eab
2022-01-04 16:41:36 +01:00
Herman Slatman
22ff90f655
Merge branch 'master' into hs/acme-eab
2021-12-22 12:54:41 +01:00
Herman Slatman
07addd0cac
Fix linting issue
2021-12-22 11:58:00 +01:00
Herman Slatman
a68208a3ba
Set Step CLI User-Agent when performing ACME requests
2021-12-22 11:54:01 +01:00
Mariano Cano
2c63abcf52
fix grammar
2021-12-15 12:16:21 -08:00
Mariano Cano
7c4e6dcc96
Remove duplicated code in bootstrap methods
2021-12-15 11:24:46 -08:00
Mariano Cano
64c19d4264
Fix subject in test, use ip
2021-12-14 15:27:18 -08:00
Mariano Cano
b0b2e77b0e
Avoid doing unauthenticated requests on the SDK
...
When step-ca runs with mTLS required on some endpoints, the SDK
used in autocert will fail to start because the identity certificate
is missing. This certificate is only required to retrieve all roots,
in most cases there's only one, and the SDK has access to it.
2021-12-14 14:42:38 -08:00
Herman Slatman
d799359917
Merge branch 'master' into hs/acme-eab
2021-12-09 13:58:40 +01:00
Herman Slatman
3bc3957b06
Merge branch 'master' into hs/acme-revocation
2021-12-09 09:36:52 +01:00
Herman Slatman
d0c23973cc
Merge branch 'master' into hs/acme-eab
2021-12-06 13:01:23 +01:00
Herman Slatman
2d357da99b
Add tests for ACME revocation
2021-11-26 17:27:42 +01:00
Mariano Cano
d35848f7a9
Fix unit tests.
2021-11-24 11:43:24 -08:00
Mariano Cano
b9beab071d
Fix unit tests.
2021-11-23 18:43:36 -08:00
Mariano Cano
8c8db0d4b7
Modify errs.BadRequestErr() to always return an error to the client.
2021-11-18 18:17:36 -08:00
Mariano Cano
8ce807a6cb
Modify errs.BadRequest() calls to always send an error to the client.
2021-11-18 15:12:44 -08:00
max furman
7fac8c96c3
Merge branch 'master' into max/context
2021-11-17 11:40:01 -08:00
max furman
a7d144996f
SSH backwards compat updates
...
- use existence of new value in data map as boolean
- add tests for backwards and forwards compatibility
- fix old tests that used static dir locations
2021-11-16 21:47:14 -08:00
max furman
d777fc23c2
Add ca.WithInsecure and use methods for file names
2021-11-16 21:47:14 -08:00
max furman
e5951fd84c
Use methods in the step package
...
* rather than variables set at execution time, which may not match the
actual current context
2021-11-16 21:47:14 -08:00
max furman
7eeebca529
Enable step path contexts in identity and pki paths
2021-11-16 21:47:14 -08:00
max furman
10db335f13
mv pkg config -> step
2021-11-16 21:47:14 -08:00
max furman
741ac64c61
change name of package cli-utils/config to cli-utils/step
2021-11-16 21:47:14 -08:00
Herman Slatman
e7a988b2cd
Pin golangci-lint to v1.43.0 and fix issues
2021-11-13 01:30:03 +01:00
Herman Slatman
bcd1240a0e
Merge branch 'master' into hs/acme-eab
2021-10-16 13:32:13 +02:00
Mariano Cano
36b622bfc2
Use Golang's default keep-alive.
...
Since Go 1.13 a net.Listen keep-alive is enabled by default if
the protocol and OS supports it. The new one is 15s to match
the net.Dial default one. Previously http.Server ListenAndServe
and ListenAndServeTLS used to add a wrapper with 3m that we
replicated.
See https://github.com/golang/go/issues/31510
2021-10-15 14:12:43 -07:00
Herman Slatman
dd4b4b0435
Fix remaining gocritic remarks
2021-10-11 23:34:23 +02:00
Herman Slatman
e0b495e4c8
Merge branch 'master' into hs/acme-eab
2021-10-09 01:06:49 +02:00