dependabot[bot]
2f2e3dea0f
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 22:04:07 +00:00
Mariano Cano
5fbee3d3ef
Merge pull request #1275 from smallstep/net-update
...
Upgrade golang.org/x/net
2023-02-14 14:00:28 -08:00
Mariano Cano
0d80473157
Upgrade golang.org/x/net
...
When the Go client is configured with an http2.Transport we need to
upgrade x/net due to:
- net/http: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
2023-02-14 13:11:25 -08:00
github-actions[bot]
12d905be3e
Merge pull request #1270 from smallstep/dependabot/go_modules/golang.org/x/net-0.6.0
...
Bump golang.org/x/net from 0.5.0 to 0.6.0
2023-02-14 09:51:49 -08:00
dependabot[bot]
045ae52452
Bump golang.org/x/net from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 17:36:34 +00:00
Mariano Cano
c2c246b062
Merge pull request #1265 from smallstep/check-csr-acme-da
...
Verify CSR key fingerprint with attestation certificate key
2023-02-14 09:34:48 -08:00
Max
ff7b8830fe
Merge pull request #1273 from smallstep/max/dependabot-auto-merge
...
enable auto merge for dependabot PRs
2023-02-13 22:56:50 -08:00
max furman
74e6245e90
enable auto merge for dependabot PRs
2023-02-13 17:06:00 -08:00
Mariano Cano
5ff0dde819
Remove json tag in acme.Authorization fingerprint
2023-02-10 13:58:52 -08:00
Mariano Cano
da95c44943
Fix lint issue with Go 1.20
2023-02-09 17:02:35 -08:00
Mariano Cano
6ba20209c2
Verify CSR key fingerprint with attestation certificate key
...
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
2023-02-09 16:48:43 -08:00
Carl Tashian
ec3be2359a
Merge pull request #1262 from micheljung/patch-1
...
Add DOCKER_STEPCA_INIT_ADDRESS
2023-02-08 16:46:36 -08:00
Michel Jung
ebe7e5d019
Add DOCKER_STEPCA_INIT_ADDRESS
...
This allows configuring "--address" instead of using hard-coded :9000
2023-02-08 22:22:45 +01:00
Max
03cb74a449
Merge pull request #1259 from smallstep/dependabot/go_modules/google.golang.org/api-0.109.0
...
Bump google.golang.org/api from 0.108.0 to 0.109.0
2023-02-06 09:29:39 -08:00
dependabot[bot]
c9814be699
Bump google.golang.org/api from 0.108.0 to 0.109.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.108.0 to 0.109.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.108.0...v0.109.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 15:10:38 +00:00
zyzyx
2c57415657
There is an error during installation which shows.
...
"install: cannot stat 'step-ca_0.23.2/bin/step-ca': No such file or directory"
Upon checking the is no bin directory after step-ca_linux_0.23.2_amd64.tar.gz
is extracted so by simply changing from step-ca_${CA_VERSION:1}/bin/step-ca to step-ca_${CA_VERSION:1}/step-ca the installation succeed.
2023-02-04 01:57:42 +08:00
Mariano Cano
3c76834807
Merge pull request #1254 from smallstep/changelog-v0.23.2
...
Add changelog for v0.23.2
2023-02-02 15:04:07 -08:00
Mariano Cano
6be15819d6
Add new entries to changelog
2023-02-02 14:54:11 -08:00
Herman Slatman
da00046a61
Merge pull request #1235 from smallstep/herman/acme-da-subject-check
...
Improve validation and error messages for Orders with Permanent Identifier
2023-02-02 23:50:40 +01:00
Mariano Cano
2cef8d10ee
Add changelog for v0.23.2
2023-02-02 14:48:34 -08:00
Carl Tashian
067f9c9a5f
Merge pull request #1252 from smallstep/carl/startup-noconfig-msg
...
Helpful message on CA startup when config can't be opened
2023-01-31 17:18:24 -08:00
Herman Slatman
3a6fc5e0b4
Remove dependency on smallstep/assert
in ACME challenge tests
2023-01-31 23:49:34 +01:00
Herman Slatman
0f1c509e4b
Remove debug utility
2023-01-31 23:48:53 +01:00
Carl Tashian
b76028f3ba
Update commands/app.go
...
Co-authored-by: Mariano Cano <mariano@smallstep.com>
2023-01-31 14:39:29 -08:00
Carl Tashian
1c59b3f132
Fix linting error
2023-01-31 12:38:46 -08:00
Carl Tashian
50b4011b03
Move to commands/app.go
2023-01-31 12:32:56 -08:00
Mariano Cano
40538d8224
Merge pull request #1251 from smallstep/pidfile
...
Add pidfile flag
2023-01-31 12:16:00 -08:00
Carl Tashian
4b7fa2524d
Closes #1248
2023-01-31 12:10:59 -08:00
Mariano Cano
0df942b8f6
Add pidfile flag
...
This commit adds an optional flag --pidfile which allows to pass
a filename where step-ca will write its process id.
Fixes #754
2023-01-31 12:04:06 -08:00
Max
972bfb9689
Merge pull request #1250 from smallstep/max/scoop
...
Add scoop back to goreleaser
2023-01-31 11:30:33 -08:00
max furman
e741c60afb
Add scoop back to goreleaser
2023-01-31 11:25:16 -08:00
Carl Tashian
dd9b97221e
Merge pull request #1246 from smallstep/carl/fix-release-linktitle
...
Fixed the arch of the filename in the windows release artifact
2023-01-30 13:28:25 -08:00
Carl Tashian
ed4af06a56
Fixed the arch of the filename in the windows release artifact
2023-01-30 13:26:59 -08:00
Mariano Cano
197b79bb48
Merge pull request #1243 from smallstep/remove-deprecated-binaries
...
Add step-kms-plugin to docker images and build a CGO based one
2023-01-30 11:30:35 -08:00
Max
0c5e7f1b5c
Merge pull request #1245 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.2
...
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
2023-01-30 09:39:43 -08:00
Max
d79e1343ae
Merge pull request #1244 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.3
...
Bump google.golang.org/grpc from 1.52.0 to 1.52.3
2023-01-30 09:38:15 -08:00
dependabot[bot]
9a539f22fc
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.23.1 to 0.23.2.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.23.1...v0.23.2 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:14:01 +00:00
dependabot[bot]
c32e84b436
Bump google.golang.org/grpc from 1.52.0 to 1.52.3
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.0 to 1.52.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.52.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:13:21 +00:00
Herman Slatman
0f9128c873
Fix linting issue and order of test SUT
2023-01-27 15:43:57 +01:00
Herman Slatman
2ab9beb7ed
Add tests for deviceAttest01Validate
2023-01-27 15:36:48 +01:00
Mariano Cano
3b1be62663
Add step-kms-plugin to docker images and build a CGO based one
2023-01-26 16:52:19 -08:00
Herman Slatman
7c632629dd
Merge branch 'master' into herman/acme-da-subject-check
2023-01-26 15:52:45 +01:00
Herman Slatman
ed61c5df5f
Cleanup some leftover debug statements
2023-01-26 15:36:15 +01:00
Herman Slatman
60a9e41c1c
Remove Identifier
from top level ACME Errors
2023-01-26 14:59:08 +01:00
Herman Slatman
edee01c80c
Refactor debug utility
2023-01-26 13:41:01 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem
for more detailed ACME client-side errors
...
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.
This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
2023-01-26 13:29:31 +01:00
Mariano Cano
4bb25d4a52
Merge pull request #1240 from smallstep/remove-deprecated-binaries
...
Remove deprecated binaries
2023-01-24 11:16:50 -08:00
Mariano Cano
39f46d31b9
Remove deprecated binaries
...
This commit removes the following deprecated binaries:
- step-awskms-init
- step-cloudkms-init
- step-pkcs11-init
- step-yubikey-init
From now on step and step-kms-plugin should be used to initialize the
PKI in AWS KMS, GCP KMS, PKCS#11 modules or YubiKeys.
A future commit will add step-kms-plugin to the docker images of
step-ca.
Fixes #1046
2023-01-23 16:30:55 -08:00
Herman Slatman
f1724ea8c5
Merge branch 'master' into herman/acme-da-tpm
2023-01-23 22:52:56 +01:00
Max
fc452e560c
Merge pull request #1236 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.3
...
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
2023-01-23 12:15:22 -08:00