mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity
2543 commits 33 branches 197 tags 41 MiB
Commit graph

2543 commits

This branch
This branch
All branches
Author SHA1 Message Date
Herman Slatman
4cde2696e5 Update cloud.google.com/go/kms 2022-03-28 14:55:40 -07:00
Andrew Reed
52d7f084d2 Add /roots.pem handler (#866) 
* Add /roots.pem handler

* Review changes

* Remove no peer cert test case
 2022-03-28 14:55:40 -07:00
Mariano Cano
750e9ee2f8 Attempt to fix TestBootstrapClientServerRotation 
This change attempts to fix the test TestBootstrapClientServerRotation.
Due to the backdate, the renew options get too large, causing
continuous renewals, and random errors. After experimenting with
different options, truncating durations to seconds have shown better
results than rounding or just use the plain time.
 2022-03-28 14:55:40 -07:00
Panagiotis Siatras
27c1d0afc3 add --context flag to step-ca command (#851) 
* added the --context flag

* apply the context and allow for different ca.json

* amended usage for consistency

* added an extra example

* added an extra example

* reordered and reworded examples
 2022-03-28 14:55:40 -07:00
Panagiotis Siatras
a852223717 scep: remove Interface and the dependency to pkg/errors (#872) 
* scep: documented the package

* scep/api: removed some top level constants

* scep: removed dependency to pkg/errors

* scep/api: documented the package
 2022-03-28 14:55:40 -07:00
Panagiotis Siatras
bca74cb6a7 scep: minor cleanup (#867) 
* api, scep: removed scep.Error

* scep/api: replaced nextHTTP with http.HandlerFunc

* scep/api: renamed writeSCEPResponse to writeResponse

* scep/api: renamed decodeSCEPRequest to decodeRequest

* scep/api: renamed writeError to fail

* scep/api: replaced pkg/errors with errors

* scep/api: formatted imports

* scep/api: do not export SCEPRequest & SCEPResponse

* scep/api: do not export Handler

* api: flush errors better
 2022-03-28 14:55:40 -07:00
vijayjt
37207793f9 Pass in the resource name regardless of if its a VM or managed identity 2022-03-28 14:55:40 -07:00
vijayjt
7e47c70af2 Remove redundant parameter type declaration 2022-03-28 14:55:40 -07:00
vijayjt
7b605b2d16 Support Azure tokens from managed identities not associated with a VM 2022-03-28 14:55:39 -07:00
Mariano Cano
76ea1635a7 Change golang to Go 2022-03-28 14:55:39 -07:00
Mariano Cano
5ab79f53be Fix linter errors 2022-03-28 14:55:39 -07:00
Mariano Cano
161a4b28be Change go version to 1.17 and 1.18 2022-03-28 14:55:39 -07:00
Herman Slatman
c50800eb01 Add armv5 build for (cloud|aws)kms 2022-03-28 14:55:39 -07:00
Herman Slatman
76e5347923 Add armv5 build to GoReleaser configuration 2022-03-28 14:55:39 -07:00
Panagiotis Siatras
17d7fd70cd api/log: initial implementation of the package (#859) 
* api/log: initial implementation of the package

* api: refactored to support api/log

* scep/api: refactored to support api/log

* api/log: documented the package

* api: moved log-related tests to api/log
 2022-03-28 14:55:39 -07:00
Mariano Cano
9d027c17d0 Send current provisioner on PostCertificate 2022-03-21 19:24:05 -07:00
Mariano Cano
b401376829 Add current provisioner to AuthorizeSign SignOptions. 
The original provisioner cannot be retrieved from a certificate
if a linked ra is used.
 2022-03-21 19:21:40 -07:00
Panagiotis Siatras
823170ef57
Merge pull request #858 from smallstep/panos/api/read 
api/read: initial implementation of the package
 2022-03-21 18:24:10 +02:00
Panagiotis Siatras
e6b2359273
ca: fixed import statement order 2022-03-18 20:21:01 +02:00
Panagiotis Siatras
df89ed5acb
api: moved read-related tests to api/read 2022-03-18 20:21:01 +02:00
Panagiotis Siatras
9ba33bab4e
ca: refactored to use the read package 2022-03-18 20:21:00 +02:00
Panagiotis Siatras
4fb38afc57
authority/admin/api: refactored to use the read package 2022-03-18 20:21:00 +02:00
Panagiotis Siatras
29092b9d8a
api: refactored to use the read package 2022-03-18 20:20:59 +02:00
Panagiotis Siatras
7fb8acda27
api/read: initial implementation of the package 2022-03-18 20:20:16 +02:00
Mariano Cano
12000359ad
Merge pull request #849 from smallstep/feat/renewAfterExpiry 
Renew After Expiry
 2022-03-18 11:18:41 -07:00
Herman Slatman
7a13661e4c
Merge pull request #846 from smallstep/herman/scep-url-config 
Add configuration for custom path segment on SCEP provisioners
 2022-03-16 00:19:22 +01:00
Herman Slatman
dcbcd88a62
Add changelog item for dynamic SCEP CA URL paths 2022-03-16 00:04:15 +01:00
Herman Slatman
15477f6d7b
Make custom SCEP CA paths automagic 2022-03-15 23:28:56 +01:00
Mariano Cano
915911efb6 Disable http loggers in test. 
They hide the test that fail on tests in the CI.
 2022-03-15 12:26:00 -07:00
Mariano Cano
ead742ca0f Fix unit test 2022-03-15 12:13:01 -07:00
Mariano Cano
6d532045dc Fix validity check for sshpop provisioner. 2022-03-14 17:31:21 -07:00
Mariano Cano
c903f00cd4 Rename claim to allowRenewAfterExpiry. 2022-03-14 15:40:01 -07:00
Panagiotis Siatras
415276e52b
Merge pull request #850 from smallstep/panos/envrc 
git: ignore .envrc files
 2022-03-14 13:29:35 +02:00
Panagiotis Siatras
f7a044222e
git: ignore .envrc files 2022-03-14 13:18:44 +02:00
Mariano Cano
6dcde8a743 Fix typo 2022-03-11 15:22:53 -08:00
Mariano Cano
a4dd586a81 Add method to get the CA url from the client. 2022-03-11 15:13:39 -08:00
Mariano Cano
4690fa64ed Add public methods to retrieve the provisioner extensions. 2022-03-11 14:59:42 -08:00
Mariano Cano
236caaa735 Add entry in changelog 2022-03-11 10:51:33 -08:00
Mariano Cano
f8df6a1acc Change variable name for consistency 2022-03-11 10:05:35 -08:00
Mariano Cano
616490a9c6 Refactor renew after expiry token authorization 
This changes adds a new authority method that authorizes the
renew after expiry tokens.
 2022-03-10 20:21:01 -08:00
Mariano Cano
41ea67ce10 Attempt to fix a bootstrap tests 2022-03-10 13:01:31 -08:00
Mariano Cano
79349b4d7c Add options to use custom renewal methods. 2022-03-10 13:01:08 -08:00
Mariano Cano
389815642d Fix tests: certs are truncated to seconds. 2022-03-10 10:46:28 -08:00
Mariano Cano
8ef8f4f665 Use the provisioner controller in Nebula renewals 2022-03-10 10:45:12 -08:00
Mariano Cano
afb5d36206 Allow to renew certificates using an x5c-like token. 2022-03-09 20:37:41 -08:00
Mariano Cano
259e95947c Add support for the provisioner controller 
The claimer, audiences and custom callback methods are now managed
by the provisioner controller in an uniform way.
 2022-03-09 18:43:45 -08:00
Mariano Cano
3c2ff33ca9 Add provisioner controller tests. 2022-03-09 18:43:27 -08:00
Mariano Cano
fd6a2eeb9c Add provisioner controller 
The provisioner controller has the implementation of the identity
function as well as the renew methods with renew after expiry
support.
 2022-03-09 18:39:09 -08:00
Mariano Cano
2e715cd505
Merge pull request #848 from smallstep/dep/nosql 
Upgrade nosql package
 2022-03-09 10:06:34 -08:00
Herman Slatman
a3cda9c3d7
Add configuration for custom path segment 
To support SCEP clients that expect a specific path segment in
a SCEP URL, a new "customPath" option was added to the SCEP
provisioner configuration. The configuration can be used to set
a specific path (segment) that the SCEP provisioner will respond to.
 2022-03-07 13:24:26 +01:00