Mariano Cano
26122a2cbf
Enable admin automatically if a token is provided.
2021-08-02 11:48:37 -07:00
Mariano Cano
5344f42f21
Allow to use the environment variable STEP_CA_TOKEN
...
For helm charts we want to store the tokens in a secret and load
it from an environment variable.
2021-08-02 11:33:02 -07:00
Mariano Cano
2620c38aee
Add is converting provisioners to linkedca.
...
The ids are required to be able to link admins with provisioners.
2021-07-28 18:05:57 -07:00
Mariano Cano
e62d7988b8
Do not store password on exports.
2021-07-28 15:22:21 -07:00
Mariano Cano
ac363d7824
Add --password-file and --issuer-password-file flags to export.
2021-07-28 15:21:48 -07:00
Mariano Cano
4f27f4b002
Change default ciphersuites to newer names.
2021-07-28 13:56:05 -07:00
Mariano Cano
07f7316851
Add bastion to export.
2021-07-27 19:22:29 -07:00
Mariano Cano
0730a165fd
Add collection of files and authority template.
2021-07-27 19:19:58 -07:00
Mariano Cano
c7f8516142
Add to export all the information in the ca.json
2021-07-27 18:29:29 -07:00
Mariano Cano
887423ee6e
Update TLS cipher suites.
2021-07-27 18:29:10 -07:00
Mariano Cano
dc1ec18b52
Create a way to export ca configurations.
2021-07-26 19:01:56 -07:00
Mariano Cano
d0c1530f89
Remove replace of linkedca package.
2021-07-26 14:48:01 -07:00
Mariano Cano
3a00b6b396
Properly marshal a certificate when we send it to linkedca.
2021-07-26 14:31:42 -07:00
Mariano Cano
4ad82a2f76
Check linkedca for revocation.
2021-07-23 16:10:13 -07:00
Mariano Cano
f7542a5bd9
Move check of ssh revocation from provisioner to the authority.
2021-07-21 15:22:57 -07:00
Mariano Cano
71f8019243
Store x509 and ssh certificates on linkedca if enabled.
2021-07-20 18:16:24 -07:00
Mariano Cano
17eef81c91
Remove linkerd replace.
2021-07-20 14:55:07 -07:00
Mariano Cano
a72eab915b
Use linkedca v0.1.0
2021-07-20 12:59:59 -07:00
Mariano Cano
7c0faab73e
Remove now unused step-ca login.
2021-07-20 12:57:34 -07:00
Mariano Cano
8fb5340dc9
Use a token at start time to configure linkedca.
...
Instead of using `step-ca login` we will use a new token provided
as a flag to configure and start linkedca. Certificates will be kept
in memory and refreshed automatically.
2021-07-19 19:28:06 -07:00
Mariano Cano
dd9850ce4c
Add working implementation of the linkedca.
...
Replaces the authority adminDB with a new impmentation that users the
linkedca client to retrieve the data.
Note that this implementation still hardcodes the endpoint to localhost.
2021-07-12 18:11:00 +02:00
Mariano Cano
49c1427d15
Use authorityId instead of authorityID.
...
In json or javascript world authorityId, userId, ... are more common
than authorityID, ...
2021-07-12 15:31:05 +02:00
Mariano Cano
f7e09af9df
Implement the login command.
...
The login commands creates a new certificate for the linked ca.
This certificate will be used to sync data with the linkedca
endpoint.
2021-07-12 15:28:13 +02:00
Max
b9743b36e1
Merge pull request #599 from smallstep/max/cert-mgr-crud
...
certificate manager
2021-07-08 16:29:30 -07:00
max furman
857a50434c
Merge branch 'master' into max/cert-mgr-crud
2021-07-08 16:25:52 -07:00
Max
517fab1b54
Merge pull request #602 from hslatman/hs/ip-verification
...
IP Identifier Validation [RFC8738]
2021-07-08 16:24:34 -07:00
max furman
681226a798
Merge branch 'master' into max/cert-mgr-crud
2021-07-08 16:21:09 -07:00
max furman
1df21b9b6a
Addressing comments in PR review
...
- added a bit of validation to admin create and update
- using protojson where possible in admin api
- fixing a few instances of admin -> acme in errors
2021-07-06 17:14:13 -07:00
Mariano Cano
bc14341387
Fix bootstrap command.
2021-07-06 16:35:00 +02:00
max furman
5679c9933d
Fixes from PR review
2021-07-03 12:08:30 -07:00
max furman
77fdfc9fa3
Merge branch 'master' into max/cert-mgr-crud
2021-07-02 20:26:46 -07:00
max furman
9fdef64709
Admin level API for provisioner mgmt v1
2021-07-02 19:05:17 -07:00
Herman Slatman
8e4a4ecc1f
Refactor tests for sans
2021-06-26 00:48:40 +02:00
Herman Slatman
87b72afa25
Fix IP equality check and add more tests
2021-06-26 00:13:44 +02:00
Herman Slatman
a6d33b7d06
Add tests for sans()
2021-06-25 17:21:22 +02:00
Herman Slatman
64c15fde7e
Add tests for canonicalize function
2021-06-25 14:07:40 +02:00
Herman Slatman
7843c90c4c
Merge branch 'master' of github.com:smallstep/certificates into hs/ip-verification
2021-06-25 13:30:41 +02:00
max furman
6476eb45a7
Need RELEASE variable defined in make debian
2021-06-23 13:30:30 -07:00
Mariano Cano
856f08b1c5
Merge pull request #605 from smallstep/casv1
...
Add support for Google CAS v1
2021-06-23 00:58:10 -07:00
Mariano Cano
65dacc2795
Replace golint with revive
2021-06-23 09:53:26 +02:00
Mariano Cano
35e6cc275a
Fix typos in comments.
2021-06-23 09:35:14 +02:00
Herman Slatman
c514a187b2
Fix Fail() -_-b
2021-06-18 17:37:56 +02:00
Herman Slatman
135e912ac8
Improve coverage for TLS-ALPN-01 challenge
2021-06-18 17:27:35 +02:00
Herman Slatman
218a2adb9f
Add tests for IP Order validations
2021-06-18 16:09:48 +02:00
Mariano Cano
db416a45ae
Fix path for labeler.
2021-06-18 13:02:53 +02:00
Herman Slatman
f33bdee5e0
Fix linter issue S1025
2021-06-18 12:55:50 +02:00
Herman Slatman
8780409020
Merge branch 'master' into hs/ip-verification
2021-06-18 12:45:12 +02:00
Herman Slatman
523ae96749
Change identifier and challenge types to consts
2021-06-18 12:39:36 +02:00
Herman Slatman
84ea8bd67a
Fix PR comments
2021-06-18 12:03:46 +02:00
Mariano Cano
a0633a6efb
Merge pull request #612 from gdbelvin/kmspin
...
Allow reading pin from kms string
2021-06-15 12:05:34 -07:00