certificates

Author	SHA1	Message	Date
Mariano Cano	f7c1a328ed	Merge pull request #777 from smallstep/pkcs11-decrypter Implement the kms.Decrypter with PKCS#11	2021-12-17 11:10:56 -08:00
Mariano Cano	d5c6572da4	Fix typo.	2021-12-17 10:55:23 -08:00
Mariano Cano	5a32401d23	Implement the kms.Decrypter with PKCS#11 This interface allows the use of SCEP with PKCS#11 modules.	2021-12-16 18:30:09 -08:00
Mariano Cano	ab44fbfb3f	Merge pull request #774 from smallstep/cm-roots Avoid doing unauthenticated requests on the SDK	2021-12-15 12:22:36 -08:00
Mariano Cano	2c63abcf52	fix grammar	2021-12-15 12:16:21 -08:00
Mariano Cano	7c4e6dcc96	Remove duplicated code in bootstrap methods	2021-12-15 11:24:46 -08:00
Mariano Cano	64c19d4264	Fix subject in test, use ip	2021-12-14 15:27:18 -08:00
Mariano Cano	b0b2e77b0e	Avoid doing unauthenticated requests on the SDK When step-ca runs with mTLS required on some endpoints, the SDK used in autocert will fail to start because the identity certificate is missing. This certificate is only required to retrieve all roots, in most cases there's only one, and the SDK has access to it.	2021-12-14 14:42:38 -08:00
Herman Slatman	fbd3fd2145	Merge pull request #625 from hslatman/hs/acme-revocation ACME Certificate Revocation	2021-12-09 09:48:02 +01:00
Herman Slatman	00539d07c9	Add changelog entry for ACME revocation	2021-12-09 09:42:38 +01:00
Herman Slatman	3bc3957b06	Merge branch 'master' into hs/acme-revocation	2021-12-09 09:36:52 +01:00
Herman Slatman	0524122191	Remove authorization flow for different Account private keys As discussed in https://github.com/smallstep/certificates/issues/767, we opted for not including this authorization flow to prevent users from getting OOMs. We can add the functionality back when the underlying data store can provide access to a long list of Authorizations more efficiently, for example when a callback is implemented.	2021-12-08 16:28:14 +01:00
Carl Tashian	53ebd85327	Update star gif size	2021-12-07 10:17:48 -08:00
Carl Tashian	c0255b7caa	Update star gif	2021-12-07 10:07:50 -08:00
Carl Tashian	accb0710a1	Star gif	2021-12-07 10:02:44 -08:00
Mariano Cano	94afec7e1f	Merge pull request #758 from smallstep/errors-forbidden Forbidden errors and more	2021-12-06 16:01:19 -08:00
Mariano Cano	e0fee84694	Add comment about public key validator.	2021-12-03 15:24:42 -08:00
Mariano Cano	0cebde3db5	Change fallback message on RekeySSH.	2021-12-03 15:12:00 -08:00
Herman Slatman	004fc054d5	Fix PR comments	2021-12-03 15:06:28 +01:00
Mariano Cano	9fd147f3da	Change error message.	2021-12-02 16:44:57 -08:00
Herman Slatman	47a8a3c463	Add test case for ACME Revoke to Authority	2021-12-02 17:11:36 +01:00
Herman Slatman	06bb97c91e	Add logic for Account authorizations and improve tests	2021-12-02 16:25:35 +01:00
Herman Slatman	bae1d256ee	Improve tests for JWK vs. KID revoke auth flow The logic for both test cases is fairly similar, but with some small differences. Made those clearer by means of some comments. Also added some comments to the middleware logic that decided whether to extract JWK or lookup by KID.	2021-12-02 10:59:56 +01:00
Herman Slatman	a7fbbc4748	Add tests for GetCertificateBySerial	2021-11-28 21:20:57 +01:00
Herman Slatman	4d01cf8135	Increase test code coverage	2021-11-28 20:30:36 +01:00
Herman Slatman	2d357da99b	Add tests for ACME revocation	2021-11-26 17:27:42 +01:00
Herman Slatman	ed295ca15d	Fix linting issue	2021-11-25 00:44:21 +01:00
Herman Slatman	c9cd876a7d	Merge branch 'master' into hs/acme-revocation	2021-11-25 00:40:56 +01:00
Mariano Cano	78acf35bf4	Merge pull request #753 from scattered-network/docker-compose-go-mod-updates Docker Example Fix: Remove Step Build	2021-11-24 14:42:44 -08:00
Mariano Cano	d35848f7a9	Fix unit tests.	2021-11-24 11:43:24 -08:00
Mariano Cano	c3f98fd04d	Change some bad requests to forbidded. Change in the sign options bad requests to forbidded if is the provisioner the one adding a restriction, e.g. list of dns names, validity, ...	2021-11-24 11:32:35 -08:00
JJ	cbb0f40696	Revert "Update Go Modules: Fixes Docker Example" This reverts commit `11a1297bf5`.	2021-11-24 04:45:51 +00:00
JJ	3c5d1c9d3f	Use smallstep/small-cli as base image, remove step cli build	2021-11-24 04:44:28 +00:00
Mariano Cano	ff04873a2a	Change the default error type to forbidden in Sign. The errors will also be propagated from sign options.	2021-11-23 18:58:16 -08:00
Mariano Cano	b9beab071d	Fix unit tests.	2021-11-23 18:43:36 -08:00
Mariano Cano	507a272b4d	Return always http errors in sign options.	2021-11-23 18:32:33 -08:00
Carl Tashian	d83ca96d2a	Fixes #757	2021-11-23 18:12:31 -08:00
Mariano Cano	a33709ce8d	Fix sign ssh options tests.	2021-11-23 18:06:18 -08:00
Mariano Cano	1da7ea6646	Return always http errors in sign ssh options.	2021-11-23 17:52:39 -08:00
Mariano Cano	031d4d7000	Return BadRequest when validating sign options.	2021-11-23 17:52:17 -08:00
Carl Tashian	a067b3acad	Add a note about reload-or-try-restart in systemd	2021-11-23 17:23:24 -08:00
Mariano Cano	bb26799583	Modify errs.Wrap with forbidden errors.	2021-11-23 12:04:51 -08:00
Mariano Cano	b5db3f5706	Modify errs.ForbiddenErr to always return an error to the cli.	2021-11-23 11:52:55 -08:00
Mariano Cano	4f84cef0cf	Merge pull request #752 from smallstep/errors-bad-request Bad request errors	2021-11-22 13:16:04 -08:00
Carl Tashian	d925bc6ba9	Fix systemd renewer to use sh	2021-11-22 11:03:05 -08:00
JJ	11a1297bf5	Update Go Modules: Fixes Docker Example go.mod: update requirements to fix build errors in docker example go.sum: hashes updated to match updated requirements	2021-11-20 17:17:21 -08:00
Herman Slatman	2d50c96d99	Merge branch 'master' into hs/acme-revocation	2021-11-19 17:00:18 +01:00
Mariano Cano	aa3fdf8fb9	Do not overwrite errors.	2021-11-18 19:03:43 -08:00
Mariano Cano	b6ebd118fc	Update temporal solution for sending message to users	2021-11-18 18:47:55 -08:00
Mariano Cano	668d3ea6c7	Modify errs.Wrap() with bad request to send messages to users.	2021-11-18 18:44:58 -08:00

1 2 3 4 5 ...

2346 commits