Commit graph

7 commits

Author SHA1 Message Date
Herman Slatman
479eda7339
Improve error message when client renews with expired certificate
When a client provides an expired certificate and `AllowAfterExpiry`
is not enabled, the client would get a rather generic error with
instructions to view the CA logs. Viewing the CA logs can be done
when running `step-ca`, but they can't be accessed easily in the
hosted solution.

This commit returns a slightly more informational message to the
client in this specific situation.
2022-05-19 01:25:30 +02:00
Herman Slatman
5e9bce508d
Unexport GetPolicy() 2022-05-05 12:32:53 +02:00
Herman Slatman
c40a4d2694
Contain policy engines inside provisioner Controller 2022-04-22 01:20:38 +02:00
Mariano Cano
674dc3c844 Rename unreleased claim to allowRenewalAfterExpiry for consistency. 2022-04-13 15:11:54 -07:00
Mariano Cano
c903f00cd4 Rename claim to allowRenewAfterExpiry. 2022-03-14 15:40:01 -07:00
Mariano Cano
389815642d Fix tests: certs are truncated to seconds. 2022-03-10 10:46:28 -08:00
Mariano Cano
fd6a2eeb9c Add provisioner controller
The provisioner controller has the implementation of the identity
function as well as the renew methods with renew after expiry
support.
2022-03-09 18:39:09 -08:00