mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity
2034 commits 33 branches 197 tags 41 MiB
Commit graph

2034 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mariano Cano
568fce201a Enforce identity cert to match ssh cert on renewals. 2021-08-23 15:15:36 -07:00
max furman
a3028bbc0e Add test for updateAddOrderIDs 2021-08-18 23:44:57 -07:00
Mariano Cano
31d3bf1cfc
Update discord link 2021-08-18 18:50:31 -07:00
Carl Tashian
050b233d43 Merge branch 'docker-init' 2021-08-18 13:43:19 -07:00
Carl Tashian
f738cb43c3 Make the default provisioner name optional; change DNS names variable name 2021-08-18 13:37:58 -07:00
Carl Tashian
7f2516f33d
Merge pull request #678 from smallstep/docker-init 
New Dockerfile with entrypoint script for easy CA init
 2021-08-18 12:54:00 -07:00
Carl Tashian
4e8e4c638e Add newline to password file for readabiliy 2021-08-18 12:50:14 -07:00
max furman
f53f78974e Badger bump to fix issue with caddy build 2021-08-18 11:38:31 -07:00
Carl Tashian
bc63829111 Auto-generate password by default 2021-08-18 11:11:05 -07:00
Carl Tashian
7ab26c8303 Auto-generate password by default 2021-08-18 11:09:26 -07:00
Mariano Cano
33b6d4c3c8
Merge pull request #677 from smallstep/go1.17 
Go 1.17 compatibility
 2021-08-18 09:54:36 -07:00
Carl Tashian
b88b2f9808 Just adding a comment to the step-ra install script 2021-08-18 08:46:37 -07:00
Carl Tashian
8d52379771 New Dockerfile with entrypoint script for easy CA init 2021-08-17 17:17:28 -07:00
Mariano Cano
dc5205cc72 Extract the tls error code and fail accordingly. 2021-08-17 17:06:25 -07:00
Mariano Cano
ae58a0ee4e Make tests compatible with Go 1.17. 
With Go 1.17 tls.Dial will fail if the client and server configured
protocols do not overlap. See https://golang.org/doc/go1.17#ALPN
 2021-08-17 16:31:53 -07:00
Mariano Cano
abd78e2d2a Make kms uri compatible with Go 1.17. 
Go 1.17 introduces a change in the net/url package disallowing the
use of semicolon (;) in URL queries. We used url.ParseQuery to
decode the opaque string that is semicolon separated. This change
replaces the semicolon with ampersands before decoding it.
 2021-08-17 13:25:55 -07:00
Mariano Cano
a864f0134d Fix key version when SHA512WithRSA is used. 
There was a typo creating RSA keys with SHA256 digests instead of
SHA512
 2021-08-16 14:47:38 -07:00
Mariano Cano
6a7ea71f19
Merge pull request #672 from smallstep/azure-tofu 
Allow the reuse of azure tokens if DisableTrustOnFirstUse is true
 2021-08-11 15:03:47 -07:00
Mariano Cano
d4ae267add Fix ErrAllowTokenReuse comment. 2021-08-11 14:59:26 -07:00
Mariano Cano
9e5762fe06 Allow the reuse of azure token if DisableTrustOnFirstUse is true 
Azure caches tokens for 24h and we cannot issue a new certificate
for the same instance in that period of time.

The meaning of this parameter is to allow the signing of multiple
certificate in one instance. This is possible in GCP, because we
get a new token, and is possible in AWS because we can generate
a new one. On Azure there was no other way to do it unless you
wait for 24h.

Fixes #656
 2021-08-11 11:50:54 -07:00
Carl Tashian
9572c62520
Merge pull request #657 from smallstep/ra-installer 
RA install script
 2021-08-02 11:39:02 -07:00
Carl Tashian
97af829805 RA install script 2021-07-28 13:55:35 -07:00
Carl Tashian
53d08e1f5c
Remove microbadger.com (the website is gone) 2021-07-27 12:03:52 -07:00
Carl Tashian
8f4c833845
Update README.md 2021-07-27 12:01:50 -07:00
Carl Tashian
cff19691b3
Merge pull request #654 from smallstep/needs-renewal 
Fix needs-renewal condition and switch to using ExecCondition
 2021-07-21 14:34:42 -05:00
Carl Tashian
09b554f855
Merge pull request #609 from smallstep/discord 
update gitter to discord
 2021-07-21 12:24:27 -05:00
Carl Tashian
22ef324534 Fix needs-renewal condition and switch to using ExecCondition 2021-07-21 11:49:10 -05:00
Carl Tashian
f8c137af4f
Update provisioners.md 2021-07-20 10:32:18 -05:00
Carl Tashian
28acc1b7d2
Merge pull request #653 from smallstep/needs-renewal 
systemd cert renewer can now use 'step certificate needs-renewal'
 2021-07-20 09:38:52 -05:00
Carl Tashian
0dd6564b1e
README link fixes 2021-07-19 13:05:01 -05:00
Carl Tashian
3e5b90b6fa systemd cert renewer can now use 'step certificate needs-renewal' 2021-07-19 08:34:22 -05:00
max furman
bd51b1f85b Updates for new issue page 2021-07-16 15:09:38 -07:00
max furman
a3af991261 Update pull request labeler action 2021-07-16 12:15:03 -07:00
max furman
b71ff09a08 UI updates for certificates new issue page 2021-07-16 10:50:22 -07:00
Mariano Cano
4aa529605d
Merge pull request #641 from hillu/quote-serial 
Log certificate's serial number as stringified decimal number
 2021-07-16 18:53:51 +02:00
Mariano Cano
76413b845e
Merge pull request #644 from hslatman/hs/fix-provisioner-name-log 
Fix logging provisioner name as string
 2021-07-16 04:38:40 +02:00
Herman Slatman
9210a6740b
Fix logging provisioner name as string 2021-07-15 23:13:08 +02:00
Hilko Bengen
edb01bc9f2 Log certificate's serial number as stringified decimal number 
Using a JSON string fixes a common issue with JSON parsers that
deserialize all numbers to a 64-bit IEEE-754 floats. (Certificate
serial numbers are usually 128 bit values.)

This change is consistent with existing log entries for revocation
requests.

See also: #630, #631
 2021-07-14 12:06:28 +02:00
Max
b9743b36e1
Merge pull request #599 from smallstep/max/cert-mgr-crud 
certificate manager
 2021-07-08 16:29:30 -07:00
max furman
857a50434c Merge branch 'master' into max/cert-mgr-crud 2021-07-08 16:25:52 -07:00
Max
517fab1b54
Merge pull request #602 from hslatman/hs/ip-verification 
IP Identifier Validation [RFC8738]
 2021-07-08 16:24:34 -07:00
max furman
681226a798 Merge branch 'master' into max/cert-mgr-crud 2021-07-08 16:21:09 -07:00
max furman
1df21b9b6a Addressing comments in PR review 
- added a bit of validation to admin create and update
- using protojson where possible in admin api
- fixing a few instances of admin -> acme in errors
 2021-07-06 17:14:13 -07:00
Mariano Cano
bc14341387 Fix bootstrap command. 2021-07-06 16:35:00 +02:00
max furman
5679c9933d Fixes from PR review 2021-07-03 12:08:30 -07:00
max furman
77fdfc9fa3 Merge branch 'master' into max/cert-mgr-crud 2021-07-02 20:26:46 -07:00
max furman
9fdef64709 Admin level API for provisioner mgmt v1 2021-07-02 19:05:17 -07:00
Kevin Chen
9d4e6e315a update readme page 2021-06-29 11:01:53 -07:00
Herman Slatman
8e4a4ecc1f
Refactor tests for sans 2021-06-26 00:48:40 +02:00
Herman Slatman
87b72afa25
Fix IP equality check and add more tests 2021-06-26 00:13:44 +02:00