Mariano Cano
|
28ff122f83
|
Add certificate requests in the templates.
|
2020-07-21 14:18:05 -07:00 |
|
Mariano Cano
|
ca2fb42d68
|
Move options to the provisioner.
|
2020-07-21 14:18:05 -07:00 |
|
Mariano Cano
|
206bc6757a
|
Add initial support for templates in the OIDC provisioner.
|
2020-07-21 14:18:05 -07:00 |
|
Mariano Cano
|
534a6b6c4c
|
Add default templates for intermediate a root certificates.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
0847af16cb
|
Fix setter of basic constraints.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
068bafe5a3
|
Add templateData to api sign request.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
95c3a41bf0
|
Rename UserData to TemplateData and fix unmarshaling.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
9f3acc254b
|
Set the token payload in the JWK provisioner.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
5a04e3b36d
|
Add methods to add data to the template data.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
ef0ed0ff95
|
Integrate simple templates in the JWK provisioner.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
d1d9ae42d6
|
Use certificates x509util instead of cli for certificate signing.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
9032018cf2
|
Convert x509util.WithOptions to new modifiers.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
dcb962bdde
|
Add TemplateData alias and some comments.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
3ba1fbd881
|
Use local SplitSANs.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
6eba0e0e0e
|
Simplify default template.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
abc0a63e32
|
Add wrapper around x509.CreateCertificate.
This wrapper generates some data if needed and cleans key usages
in templates.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
3766702de9
|
Remove empty file.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
208c351a39
|
Add sample leaf template.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
70c0af8200
|
Use different options to load a template from a string or file.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
738304bc6f
|
Add support for SubjectalternativeName type.
Move code around and some fixes.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
2556b57906
|
Add types for certificate flexibility.
This is a first implementation, not the final one.
|
2020-07-21 14:18:04 -07:00 |
|
Carl Tashian
|
c1e6c0285a
|
Merge pull request #325 from smallstep/readme-updates
README updates, round 2
|
2020-07-20 18:56:37 -05:00 |
|
Carl Tashian
|
912e298043
|
Whitelist -> Allowlist per https://tools.ietf.org/id/draft-knodel-terminology-01.html
|
2020-07-20 15:42:47 -07:00 |
|
Carl Tashian
|
ed89367fca
|
Round 2 of README updates
|
2020-07-20 14:10:36 -07:00 |
|
Mariano Cano
|
51b9867c51
|
Merge pull request #318 from nop33/getting-started-docs-fixes
Getting Started docs fixes
|
2020-07-15 13:02:47 -07:00 |
|
Ilias Trichopoulos
|
7d5552f53e
|
Fix service logs path
|
2020-07-14 08:48:43 +02:00 |
|
Ilias Trichopoulos
|
6d8b4a1b9a
|
Fix service name
|
2020-07-14 08:48:18 +02:00 |
|
Ilias Trichopoulos
|
730639d2a3
|
Fix service user name
In `ExecStart` the user used us `smallstep` so the same user should be defined in `useradd`.
|
2020-07-14 08:48:18 +02:00 |
|
Carl Tashian
|
8875097931
|
Merge pull request #310 from smallstep/fix-docker-build
Fix Docker example build on Linux
|
2020-07-13 12:23:03 -05:00 |
|
Carl Tashian
|
15bbd1cf20
|
Remove libpcsclite-dev requirement
|
2020-07-13 09:29:35 -07:00 |
|
Carl Tashian
|
d0b9538bc5
|
WIP readme changes
|
2020-07-13 09:28:46 -07:00 |
|
Carl Tashian
|
8b0da33e27
|
Merge pull request #313 from smallstep/readme-update
First stab at a README update 😱
|
2020-07-13 09:45:21 -05:00 |
|
Max
|
fa8a808fc8
|
Merge pull request #314 from smallstep/max/rekey
A few last fixes and tests added for rekey/renew ...
|
2020-07-09 12:19:01 -07:00 |
|
max furman
|
fd05f3249b
|
A few last fixes and tests added for rekey/renew ...
- remove all `renewOrRekey`
- explicitly test difference between renew and rekey (diff pub keys)
- add back tests for renew
|
2020-07-09 12:11:40 -07:00 |
|
Max
|
ea9bc493b8
|
Merge pull request #307 from dharanikumar-s/master
Add support for rekeying Fixes #292
|
2020-07-09 11:39:00 -07:00 |
|
Carl Tashian
|
4150ded4c1
|
First stab at a README update 😱
|
2020-07-08 18:42:43 -07:00 |
|
max furman
|
b5699892ad
|
Add github response to frequenty asked questions doc
- security risks of exposing the OAuth Client Secret in the output of
`step ca provisioner list`
|
2020-07-08 15:18:30 -07:00 |
|
dharanikumar-s
|
57fb0c80cf
|
Removed calculating SubjectKeyIdentifier on Rekey
|
2020-07-08 12:52:53 +05:30 |
|
dharanikumar-s
|
dfda497929
|
Renamed RenewOrRekey to Rekey
|
2020-07-08 11:47:59 +05:30 |
|
Carl Tashian
|
4bde83a262
|
Fixes #295
|
2020-07-07 13:09:15 -07:00 |
|
dharanikumar-s
|
fe73154a20
|
Corrected misspelling
|
2020-07-05 22:50:02 +05:30 |
|
dharanikumar-s
|
a3b5211e0f
|
gofmted the code
|
2020-07-05 22:40:36 +05:30 |
|
dharanikumar-s
|
0c21f0ae9e
|
Added error check after GenerateDefaultKeyPair
|
2020-07-05 22:38:45 +05:30 |
|
dharanikumar-s
|
2479371c06
|
Added error check while marshalling public key
|
2020-07-05 22:37:29 +05:30 |
|
dharanikumar-s
|
b368a53149
|
Modified TestAuthority_Renew to TestAuthority_RenewOrRekey
|
2020-07-05 22:17:57 +05:30 |
|
dharanikumar-s
|
c8c3581e2f
|
SubjectKeyIdentifier extention is calculated from public key passed to this function instead of copying from old certificate
|
2020-07-05 22:15:01 +05:30 |
|
dharanikumar-s
|
954fda657b
|
Added renewOrRekey to mockAuthority. Added Test_caHandler_Rekey
|
2020-07-05 22:05:00 +05:30 |
|
dharanikumar-s
|
01a6469d25
|
Moved peer certificate check to the first line
|
2020-07-03 16:00:22 +05:30 |
|
dharanikumar-s
|
8f504483ce
|
Added RenewOrRekey function based on @maraino suggestion. RenewOrReky is called from Renew.
|
2020-07-03 15:58:15 +05:30 |
|
Mariano Cano
|
6736ddee69
|
Use smallstep/cli v0.14.6
|
2020-07-02 13:55:00 -07:00 |
|