alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity
2863 commits 34 branches 199 tags 41 MiB
Commit graph

2863 commits

This branch
This branch
All branches
Author SHA1 Message Date
Gary Belvin
fed09047f9 pinfile 2022-06-09 13:51:14 -04:00
Max
34d141e4d5
Merge pull request #945 from smallstep/changelog-update 
Update changelog
 2022-05-26 11:06:30 -07:00
max furman
5e56a7b4ec Changelog update for 0.20.0 
- added line for new WithOptions on authority Init
 2022-05-26 10:57:05 -07:00
Herman Slatman
b4b9893fcd Update changelog 2022-05-26 10:57:03 -07:00
Mariano Cano
6d580a69e8 Update changelog 2022-05-26 10:56:24 -07:00
Mariano Cano
de00e01f1b
Merge pull request #947 from smallstep/fix-ssh-revocation 
Fix SSH certificate revocation
 2022-05-25 17:24:45 -07:00
Mariano Cano
2adf8caac7 Fix Dependabot warning on an indirect dependency 2022-05-25 17:11:45 -07:00
Mariano Cano
9c049eec5a Add revoke ssh unit test 2022-05-25 17:10:07 -07:00
Mariano Cano
ce9a23a0f7 Fix SSH certificate revocation 2022-05-25 16:55:22 -07:00
Herman Slatman
abfbbc8d49
Merge pull request #946 from smallstep/herman/acme-csr-padding 
Strip base64-url padding from ACME CSR
 2022-05-25 23:25:34 +02:00
Herman Slatman
fd546287ac
Strip base64-url padding from ACME CSR 
This commit strips the padding from a base64-url encoded CSR
submitted by a client that doesn't use raw base64-url encoding.
 2022-05-25 22:46:26 +02:00
Herman Slatman
a564b4f32e
Merge pull request #944 from smallstep/herman/tls-wasm-client 
Set nil dial context for js/wasm runtime
 2022-05-25 22:35:18 +02:00
Herman Slatman
a7dd3a986f
Set nil dial context for js/wasm runtime 2022-05-25 16:51:26 +02:00
Mariano Cano
911cec21da
Merge pull request #943 from smallstep/ssh-renew-provisioner 
Add provisioner to SSH renewals
 2022-05-23 17:21:55 -07:00
Mariano Cano
94f5b92513 Use proper context in authority package 2022-05-23 15:31:43 -07:00
Mariano Cano
1be74eca62 Merge branch 'master' into ssh-renew-provisioner 2022-05-23 14:31:15 -07:00
Mariano Cano
539bfddba5
Merge pull request #914 from smallstep/context-authority 
Retrieve authority from the context
 2022-05-23 14:12:58 -07:00
Mariano Cano
e7f4eaf6c4 Remove explicit deprecation notice 
This will avoid linter errors on other projects for now.
 2022-05-23 14:04:31 -07:00
Mariano Cano
26dd97e718 Merge branch 'master' into context-authority 2022-05-23 12:36:16 -07:00
Mariano Cano
02fd0e7170
Merge pull request #913 from delamart/master 
Vault Kubernetes Auth
 2022-05-23 12:08:01 -07:00
Erik DeLamarter
07984a968f
better error messages 
Co-authored-by: Mariano Cano <mariano.cano@gmail.com>
 2022-05-21 21:11:52 +02:00
Erik De Lamarter
9ec154aab0
rewrite and improve secret-id config 2022-05-21 21:06:15 +02:00
Erik De Lamarter
6989c7f146
vault auth unit tests 2022-05-21 21:06:15 +02:00
Erik De Lamarter
6c44291d8d
refactor vault auth 2022-05-21 21:06:15 +02:00
Erik De Lamarter
dec1067add
vault kubernetes auth 2022-05-21 21:06:14 +02:00
Mariano Cano
6b3a8f22f3 Add provisioner to SSH renewals 
This commit allows to report the provisioner to the linkedca when
a SSH certificate is renewed.
 2022-05-20 14:41:44 -07:00
Mariano Cano
3c4d0412ef
Merge pull request #941 from smallstep/ssh-provisioner 
Report SSH provisioner
 2022-05-20 12:24:30 -07:00
Mariano Cano
eebbd65dd5 Fix linter error 2022-05-20 12:03:36 -07:00
Max
f8148071fb
Merge pull request #915 from smallstep/max/removing-beta 
exposing authority configuration for provisioner cli commands
 2022-05-19 22:53:59 -07:00
max furman
5443aa073a gofmt -s 2022-05-19 22:46:25 -07:00
max furman
8ca9442fe9 Add -s to make fmt and bump golangci-lint to 1.45.2 2022-05-19 22:40:47 -07:00
Max
586e4fd3b5
Update authority/options.go 
Co-authored-by: Mariano Cano <mariano@smallstep.com>
 2022-05-19 22:26:20 -07:00
Mariano Cano
1ad75a3bdb Skip failing test for now 
This test fails randomly on VMs, there's an issue to fix this so
skipping it for now
 2022-05-19 18:51:51 -07:00
Mariano Cano
dd985ce154 Clarify errors when sending renewed certificates 2022-05-19 18:41:13 -07:00
Mariano Cano
a627f21440 Fix AuthorizeSSHSign tests with extra SignOption 2022-05-18 18:51:36 -07:00
Mariano Cano
e7d7eb1a94 Add provisioner as a signOption for SSH 2022-05-18 18:42:42 -07:00
Mariano Cano
293586079a Store provisioner with SignSSH 
This change also allows to store the old certificate on renewal on
linkedca or if the db interface supports it.
 2022-05-18 18:33:53 -07:00
Mariano Cano
c8d7ad7ab9 Fix store certificates methods with new interface 2022-05-18 18:33:22 -07:00
Mariano Cano
de99c3cac0 Report provisioner and parent on linkedca 2022-05-18 18:30:53 -07:00
Mariano Cano
20b2c6a201 Extract cert storer methods from AuthDB 
To be able to extend the AuthDB with methods that also extend the
provisioner we need to either create a new method or to split the
interface. This change splits the interface so we can have a cleaner
implementation.
 2022-05-18 18:27:37 -07:00
Herman Slatman
9e05cc4d51
Merge pull request #940 from smallstep/herman/improve-renew-expired-cert-error 
Improve error message when client renews with expired certificate
 2022-05-19 01:46:01 +02:00
Herman Slatman
479eda7339
Improve error message when client renews with expired certificate 
When a client provides an expired certificate and `AllowAfterExpiry`
is not enabled, the client would get a rather generic error with
instructions to view the CA logs. Viewing the CA logs can be done
when running `step-ca`, but they can't be accessed easily in the
hosted solution.

This commit returns a slightly more informational message to the
client in this specific situation.
 2022-05-19 01:25:30 +02:00
max furman
fff00aca78 Updates to issue templates 2022-05-18 15:56:40 -07:00
max furman
bfb406bf70 Fixes for PR review 2022-05-18 09:43:32 -07:00
Herman Slatman
14524d7916
Merge pull request #938 from smallstep/herman/update-crypto-0.16.2 
Update go.step.sm/crypto to v0.16.2
 2022-05-18 09:15:18 +02:00
Herman Slatman
d1ab1d5431
Merge branch 'master' into herman/update-crypto-0.16.2 2022-05-18 09:11:38 +02:00
Herman Slatman
984e4fcff8
Merge pull request #932 from smallstep/herman/pkcs7-patches 
Use github.com/smallstep/pkcs7 fork with (selected) patches applied
 2022-05-18 09:10:48 +02:00
Herman Slatman
b75ce3acbd
Update to go.step.sm/crypto v0.16.2 
This patch release of go.step.sm/crypto fixes an issue with
not all `Subject` names being available for usage in a template
as `ExtraNames`.
 2022-05-17 23:39:01 +02:00
Mariano Cano
400b1ece0b Remove scep handler after merge. 2022-05-12 17:39:36 -07:00
Mariano Cano
898ca41268 Merge branch 'master' into context-authority 2022-05-12 17:14:46 -07:00