Commit graph

1877 commits

Author SHA1 Message Date
max furman
f71e27e787 [acme db interface] unit test progress 2021-03-25 12:05:46 -07:00
max furman
bb8d54e596 [acme db interface] unit tests compiling 2021-03-25 12:05:46 -07:00
max furman
f20fcae80e [acme db interface] wip unit test fixing 2021-03-25 12:05:46 -07:00
max furman
fc395f4d69 [acme db interface] compiles! 2021-03-25 12:05:46 -07:00
max furman
116869ebc5 [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
80a6640103 [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
491c188a5e [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
1135ae04fc [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
03ba229bcb [acme db interface] wip more errors 2021-03-25 12:05:46 -07:00
max furman
2ae43ef2dc [acme db interface] wip errors 2021-03-25 12:05:46 -07:00
max furman
121cc34cca [acme db interface] wip 2021-03-25 12:05:45 -07:00
max furman
461bad3fef [acme db interface] wip 2021-03-25 12:05:45 -07:00
max furman
0368957e79 [acmedb] (wip) 2021-03-25 12:05:45 -07:00
max furman
31ad7f2e9b [acme] Continued work on acme db interface (wip) 2021-03-25 12:05:45 -07:00
max furman
34859551ef Add new directory structure 2021-03-25 12:05:45 -07:00
max furman
088432150d Beginnings of acmeDB interface 2021-03-25 12:05:45 -07:00
Mariano Cano
5249ce794b
Merge pull request #516 from smallstep/ra-mode-improvements
RA mode improvements
2021-03-25 11:58:13 -07:00
Mariano Cano
84018ec71b Clarify comment. 2021-03-25 11:07:58 -07:00
Mariano Cano
8c8c160c92 Fix method name in comment. 2021-03-25 11:06:37 -07:00
Mariano Cano
a9297100d8 Allow to configure the JWK using the encrypted key. 2021-03-24 19:05:56 -07:00
Mariano Cano
e727532963 Fix wrong format of the first flag on step-ca --help 2021-03-24 14:55:34 -07:00
Mariano Cano
bdeb0ccd7c Add support for the flag --issuer-password-file
The new flag allows to pass a file with the password used to decrypt
the key used in RA mode.
2021-03-24 14:53:19 -07:00
Mariano Cano
71f59de396
Merge pull request #510 from smallstep/ra-mode
StepCAS.
2021-03-24 14:39:27 -07:00
Mariano Cano
d9f93ccfde Fix typo. 2021-03-24 12:06:29 -07:00
Mariano Cano
edc7c4d90e Add support for password encrypted files 2021-03-23 17:54:42 -07:00
Mariano Cano
80542d6d9a Add JWK as an issuer for stepcas. 2021-03-23 16:14:49 -07:00
Mariano Cano
81428afa6f
Merge pull request #514 from gdbelvin/pin
PKCS11 Init Pin Flag
2021-03-23 15:20:44 -07:00
Gary Belvin
341966c30f Check pin flag 2021-03-23 22:13:35 +00:00
Carl Tashian
9146fe8055 Merge branch 'carl/sysd-update' 2021-03-23 11:17:28 -07:00
Gary Belvin
1ac838628a Add flag for setting the pin 2021-03-23 10:40:13 +00:00
Mariano Cano
ce3e6bfdf6 Fix linting errors. 2021-03-22 13:45:20 -07:00
Mariano Cano
0b8528ce6b Allow mTLS revocation without provisioner. 2021-03-22 13:37:31 -07:00
Mariano Cano
96de4e6ec8 Return a non-implemented error in stepcas.RenewCertificate. 2021-03-22 12:56:12 -07:00
Mariano Cano
348815f4f6 Fix error message. 2021-03-22 11:51:11 -07:00
Herman Slatman
583d60dc0d
Address (most) PR comments 2021-03-21 16:42:41 +01:00
Herman Slatman
a526065d0c
Merge branch 'master' into hs/scep 2021-03-21 13:16:28 +01:00
Mariano Cano
e7a6c46e54 Fix linting errors. 2021-03-19 14:21:47 -07:00
Mariano Cano
08e75b614e Do not depend on Go 1.16. 2021-03-19 13:23:32 -07:00
Mariano Cano
6fd6270e7d Remove debug statements. 2021-03-19 13:21:14 -07:00
Mariano Cano
7958f6ebb5 Add support for lifetime. 2021-03-19 13:19:49 -07:00
Mariano Cano
ae4b8f58b8 Add support for emails, ips and uris. 2021-03-19 12:02:03 -07:00
Mariano Cano
561341a6f2 Update go.step.sm/crypto. 2021-03-18 18:04:38 -07:00
Mariano Cano
dbb48ecf8d Add tests for stepcas. 2021-03-18 18:01:38 -07:00
Mariano Cano
bcf70206ac Add support for revocation using an extra provisioner in the RA. 2021-03-17 19:47:36 -07:00
Mariano Cano
a6115e29c2 Add initial implementation of StepCAS.
StepCAS allows to configure step-ca as an RA using another step-ca
as the main CA.
2021-03-17 19:33:35 -07:00
Carl Tashian
9f0fce6df8 Quoting fix 2021-03-17 18:24:10 -07:00
Carl Tashian
2c09baf696 Two small systemd changes
1. Don't halt the cert renewer service from ExecStartPost ops if a relying service doesn't exist; halt it if the relying service exists and doesn't restart properly.
2. Use /bin/env bash instead of /bin/bash for portability.
2021-03-16 17:08:27 -07:00
max furman
3b9eed003d [action] set goreleaser config values back to default 2021-03-15 12:27:29 -07:00
max furman
6861202762 go.sum update 2021-03-15 11:23:06 -07:00
max furman
6d879affa4 [action] remove duplicate step in job 2021-03-15 11:01:14 -07:00