Commit graph

285 commits

Author SHA1 Message Date
Mariano Cano
d59a5b222f Truncate to seconds to avoid rounding up times.
It can cause that certs are not valid yet, if they are used right away.
2019-09-19 13:42:24 -07:00
max furman
fe7973c060 wip 2019-09-19 13:17:45 -07:00
Mariano Cano
adc1d54b0d Define valid after as 1m before now.
It avoids errors with immediate use of cert.
2019-09-19 12:37:41 -07:00
Mariano Cano
72f1a61f06 Increase coverage. 2019-09-18 18:08:26 -07:00
Mariano Cano
b7045f27a9 Increase coverage. 2019-09-18 17:13:58 -07:00
Mariano Cano
a16b2125bc Fix tests. 2019-09-18 16:04:43 -07:00
Mariano Cano
6c4abfabbb Make /.well-known/openid-configuration optional 2019-09-18 15:54:10 -07:00
Mariano Cano
3527ee6940 Add support for listenAddress parameter in OIDC provisioners.
Fixes smallstep/cli#150
2019-09-18 15:25:28 -07:00
max furman
44e864030d Remove debug logging 2019-09-16 10:45:33 -07:00
max furman
e3826dd1c3 Add ACME CA capabilities 2019-09-13 15:48:33 -07:00
max furman
d204469280 Add a few more validity checks to default ssh cert validator 2019-09-12 19:27:59 -07:00
Mariano Cano
396b4222aa Implement validator for ssh keys.
Fixes #100
2019-09-10 17:04:13 -07:00
max furman
61d52a8510 Small fixes associated with PR review
* additions and grammar edits to documentation
* clarification of error msgs
2019-09-08 21:05:36 -07:00
Mariano Cano
10e7b81b9f Merge branch 'master' into ssh-ca 2019-09-05 23:06:01 +02:00
max furman
ac234771c7 Remove unknown provisioner WARNing and leave TODO 2019-08-29 10:49:52 -07:00
max furman
ca8daf5f12 Update comment and warn 2019-08-28 17:28:03 -07:00
Mariano Cano
9200f11ed8 Skip unsupported provisioners. 2019-08-28 17:25:39 -07:00
Max
5dac2459c3 Merge pull request #96 from smallstep/max/2084
Enforce >= 2048 bit rsa keys in CSRs
2019-08-28 09:41:58 -07:00
max furman
d3e74a0d2e switch from metalinter to golangci-lint 2019-08-27 16:39:48 -07:00
max furman
2b41faa9cf Enforce >= 2048 bit rsa keys at the provisioner layer
* Fixes #94
* In the future this should be configurable by provisioner
2019-08-27 14:44:59 -07:00
max furman
635c59ed24 Accept emails SANs 2019-08-23 15:59:30 -07:00
Mariano Cano
db4baa0487 Add tests for authority sign ssh methods. 2019-08-05 18:35:00 -07:00
Mariano Cano
34e1e3380a Fix lint errors. 2019-08-05 16:14:25 -07:00
Mariano Cano
57a529cc1a Allow to enable the SSH CA per provisioner 2019-08-05 11:40:27 -07:00
Mariano Cano
e71072d389 Add experimental support for provisioning users. 2019-08-02 17:48:34 -07:00
Mariano Cano
390aecca0b Check for error creating signers. 2019-08-01 18:15:04 -07:00
Mariano Cano
004ea12212 Allow to use custom SSH user/host key files. 2019-08-01 15:04:56 -07:00
Mariano Cano
dc657565a7 Add SSH test for GCP. 2019-07-31 18:22:21 -07:00
Mariano Cano
7983aa8661 Add azure ssh tests. 2019-07-31 18:16:17 -07:00
Mariano Cano
2cac85a8c8 Add aws tests. 2019-07-31 18:11:46 -07:00
Mariano Cano
f8a71899fd Add missing file. 2019-07-31 17:46:28 -07:00
Mariano Cano
d231bfb764 Update jwk and oidc tests. 2019-07-31 17:04:17 -07:00
Mariano Cano
a8f4ad1b8e Set default SSH options if no user options are given. 2019-07-31 17:03:33 -07:00
Mariano Cano
c17375a10a Create convenient method to mock the timeduration. 2019-07-31 12:53:03 -07:00
Mariano Cano
4c1a11c1bc Add Unix method to TimeDuration. 2019-07-31 12:36:31 -07:00
Mariano Cano
b0240772da Add tests for SSH certs with JWK provisioners. 2019-07-30 18:23:54 -07:00
Mariano Cano
780eeb5487 Remove debug print. 2019-07-30 16:56:30 -07:00
Mariano Cano
ad91842d06 Add test for SanitizeSSHUserPrincipal 2019-07-30 15:28:04 -07:00
Mariano Cano
f8cacc11b1 Fix tests. 2019-07-29 18:24:34 -07:00
Mariano Cano
b827a59e96 Add SSH host certificate support for GCP provisioner. 2019-07-29 18:17:20 -07:00
Mariano Cano
221d323b68 Fix containsAllMembers 2019-07-29 18:16:52 -07:00
Mariano Cano
18a285e847 Change azure ssh key id. 2019-07-29 18:04:01 -07:00
Mariano Cano
aef52e4334 Add support for SSH host certificates in azure. 2019-07-29 18:01:20 -07:00
Mariano Cano
7d670b20ea Add support of ssh host certificates in AWS provisioner. 2019-07-29 17:54:38 -07:00
Mariano Cano
7583f1c739 Do not require all principals, allow subgroups. 2019-07-29 17:54:13 -07:00
Mariano Cano
41b97372e6 Rename function to SanitizeSSHUserPrincipal 2019-07-29 16:38:57 -07:00
Mariano Cano
53f62f871c Set no extensions to host certificates. 2019-07-29 16:36:46 -07:00
Mariano Cano
48c98dea2a Make SanitizeSSHPrincipal a public function. 2019-07-29 16:21:22 -07:00
Mariano Cano
f01286bb48 Add support for SSH certificates to OIDC.
Update the interface for all the provisioners.
2019-07-29 15:54:07 -07:00
Mariano Cano
7a64a84761 Pass the given context. 2019-07-29 15:53:09 -07:00