Commit graph

1433 commits

Author SHA1 Message Date
Mariano Cano
52d857a302 Update CloudCAS instructions. 2020-09-24 12:43:25 -07:00
Mariano Cano
066c7ee10b Fix iam permissions. 2020-09-24 12:37:29 -07:00
Mariano Cano
42ce78ed43 Add initial docs for CAS. 2020-09-22 13:32:48 -07:00
Mariano Cano
072adc906e Print root fingerprint for CloudCAS. 2020-09-22 13:23:48 -07:00
Mariano Cano
8e6d7accf8 Do not add the CRL distribution points extension.
This extension is added by CloudCAS.
2020-09-21 17:09:46 -07:00
Mariano Cano
38fa780775 Add interface to get root certificate from CAS.
This change makes easier the configuration of cloudCAS as it does
not require to configure the root or intermediate certificate
in the ca.json. CloudCAS will get the root certificate using
the configured certificateAuthority.
2020-09-21 15:27:20 -07:00
Mariano Cano
fa099f2ae2 Change method name. 2020-09-21 15:11:25 -07:00
Mariano Cano
a332c40530 Merge branch 'master' into cas 2020-09-17 14:46:52 -07:00
Mariano Cano
87bbcee239 Update go.sum 2020-09-17 11:17:46 -07:00
Mariano Cano
9573b47efb
Merge pull request #369 from acipia/master
avoid using yubikey attestation cert
2020-09-17 11:15:49 -07:00
max furman
3e874a1e72 Fix RHEL/CentOS install docs 2020-09-16 20:53:58 -07:00
Mariano Cano
884a6f5dd0 Skip test on CI. 2020-09-16 14:03:26 -07:00
Mariano Cano
91aa1e87f1 Do not use go 1.15 methods. 2020-09-16 13:51:49 -07:00
Mariano Cano
60515d92c5 Remove unnecessary properties. 2020-09-16 13:31:26 -07:00
Pierre Laden
692f7692a2 fix #2 indentation 2020-09-16 22:26:53 +02:00
Pierre Laden
290d5ee979 fix gofmt complain 2020-09-16 22:15:42 +02:00
Pierre Laden
179e793f1a - provide PINpolicy always to piv-go to avoid trying to use attestation cert, which we might not have
- bump piv-go version to 1.6.0
2020-09-16 21:59:48 +02:00
Mariano Cano
f2dd5c48cc Fix linting errors. 2020-09-16 12:41:43 -07:00
Mariano Cano
8957e5e5a2 Add missing tests 2020-09-16 12:34:42 -07:00
Mariano Cano
e146b3fe16 Add Unit tests for softcas. 2020-09-15 19:37:02 -07:00
Mariano Cano
1550a21f68 Fix unit tests. 2020-09-15 18:14:21 -07:00
Mariano Cano
e17ce39e3a Add support for Revoke using CAS. 2020-09-15 18:14:03 -07:00
Mariano Cano
144ffe73dd Complete unit tests for Google CAS. 2020-09-15 17:23:11 -07:00
Mariano Cano
f7d066fca8 Fix key usages. 2020-09-15 15:19:59 -07:00
Mariano Cano
01e6495f43 Add most of cloudcas unit tests and minor fixes. 2020-09-14 19:13:40 -07:00
Mariano Cano
8eff4e77a8 Comment request structs. 2020-09-14 19:12:49 -07:00
Mariano Cano
bd8dd9da41 Do not read issuer and signer twice. 2020-09-10 19:13:17 -07:00
Mariano Cano
aad8f9e582 Pass issuer and signer to softCAS options.
Remove commented code and initialize CAS properly.
Minor fixes in CloudCAS.
2020-09-10 19:09:46 -07:00
Mariano Cano
c8d9cb0a1d Complete cloudcas using CAS v1beta1. 2020-09-10 16:19:18 -07:00
Max
946aedca92
Merge pull request #368 from gucchisk/error_message
Fix error message of bad request
2020-09-10 08:04:37 -07:00
gucchisk
4ad6be2680 Fix error message of bad request 2020-09-10 23:45:44 +09:00
Mariano Cano
1b1f73dec6 Early attempt to develop a CAS interface. 2020-09-08 19:26:32 -07:00
Carl Tashian
b792f9144f
Merge pull request #364 from smallstep/docker-tweaks
Update Dockerfile.step-ca to match best practices
2020-09-08 18:11:21 -07:00
Mariano Cano
276e307a1d Add extra tests for CustomSSHTemplateOptions 2020-09-08 15:43:39 -07:00
Mariano Cano
3fc9124559
Merge pull request #366 from smallstep/max/ignore-null
Ignore `null` string for x509 and ssh templateData.
2020-09-08 15:42:58 -07:00
max furman
da9f0b09af Ignore null string for x509 and ssh templateData. 2020-09-08 13:59:22 -07:00
Carl Tashian
3b31c6d2f5 Change HEALTHCHECK to use step ca health. Change shell CMD exec to skip redundant /bin/sh -c 2020-09-08 09:44:35 -07:00
Mariano Cano
81c6e01269 Fix unit test. 2020-09-04 11:16:17 -07:00
Mariano Cano
3ac0ef2eaa Update crypto to v0.6.0 2020-09-02 18:08:24 -07:00
Mariano Cano
50d09c183b Fix example and use ClientCAs.
Server trust client certificates using ClientCAs instead of RootCAs.
2020-09-02 15:10:11 -07:00
Carl Tashian
6ffc438ed1 Update Dockerfile.step-ca to match best practices
- See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
- Added a .dockerignore file to reduce the build context size
- Added a HEALTHCHECK (curl the CA)
2020-09-02 11:41:47 -07:00
Max
54e43604ff
Merge pull request #363 from smallstep/max/k8ssa
Standardize k8ssa check on issuer name
2020-09-01 13:20:27 -07:00
Mariano Cano
f3b65e54ac Update go.step.sm to v0.5.0
Solves the problem of enforcing the signature algorithm. This
causes issues if the intermediate key is not an ECDSA key.
2020-09-01 12:44:46 -07:00
max furman
ce9af5c20f Standardize k8ssa check on issuer name 2020-08-31 20:56:00 -07:00
max furman
925edaede2 revert to skip_cleanup in travis 2020-08-31 14:28:31 -07:00
Mariano Cano
8ee246edda Upgrade go.step.sm to v0.4.0 2020-08-31 12:30:54 -07:00
Mariano Cano
ce5e1b4934 Fix merge issue. 2020-08-28 14:44:43 -07:00
Mariano Cano
35bd3ec383
Merge pull request #329 from smallstep/ssh-cert-templates
SSH cert templates
2020-08-28 14:42:58 -07:00
Mariano Cano
cef0475e71 Make clear what's a template/unsigned certificate. 2020-08-28 14:33:26 -07:00
Mariano Cano
4d375a06f5 Make clearer what's an unsigned cert. 2020-08-28 14:29:18 -07:00