mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity
787 commits 33 branches 197 tags 41 MiB
Commit graph

55 commits

Author SHA1 Message Date
max furman
b265877050 Simplify statuscoder error generators. 2020-01-24 13:46:11 -08:00
max furman
c387b21808 Introduce generalized statusCoder errors and loads of ssh unit tests. 
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
 2020-01-22 17:25:23 -08:00
max furman
aa58940582 Should be returning nil from applyIdentity if cert expired. 2019-12-17 15:53:37 -08:00
max furman
f9ef5070f9 Move api errors to their own package and modify the typedef 2019-12-17 14:26:02 -08:00
Mariano Cano
7ecb831e07 Add wrappers to identity methods in the ca package. 2019-12-12 13:16:17 -08:00
Mariano Cano
0d9a9e083e Add identity client and move identity to a new package. 2019-12-11 20:23:44 -08:00
Mariano Cano
28b08ef46b Fail silently if the identity fails. 2019-12-11 16:27:37 -08:00
Max
1f42637ba1
Merge pull request #143 from smallstep/expired-cert 
Expired cert
 2019-12-11 14:55:21 -08:00
max furman
1e17ec7d33 Use x5cInsecure token for /ssh/check-host endpoint 2019-12-11 14:54:29 -08:00
Mariano Cano
7fe1eb8686 Add GetTransport to client. 2019-12-10 16:34:24 -08:00
Mariano Cano
b25cbbe6ca Create a custom client that sends a custom User-Agent. 2019-11-27 17:30:06 -08:00
Mariano Cano
c5e34f777c Replace /ssh/get-hosts to /ssh/hosts 2019-11-27 14:27:23 -08:00
Mariano Cano
b97aeedb78 Fix tests. 2019-11-26 18:53:36 -08:00
Mariano Cano
87ce2c9b4b Add Identity helpers. 2019-11-20 19:12:19 -08:00
Mariano Cano
012f64cdad Add version support to the ca.Client. 2019-11-20 17:15:48 -08:00
Mariano Cano
80ee3645c4 Fix directory permissions. 2019-11-20 16:03:31 -08:00
Mariano Cano
af6f6b4a85 Support for retry and identity files. 2019-11-20 11:52:20 -08:00
Mariano Cano
18f8d90cd7 Add support for identity authentication. 2019-11-20 11:52:20 -08:00
Mariano Cano
35b7539243 Add client method for SSHBastion 2019-11-14 20:32:38 -08:00
max furman
a9ea292bd4 sshpop provisioner + ssh renew | revoke | rekey first pass 2019-11-05 16:41:42 -08:00
max furman
36fc7fa174 get-hosts fixes 2019-11-05 16:41:17 -08:00
max furman
64b69374fa Add SSH getHosts api 2019-11-05 16:41:17 -08:00
Mariano Cano
605d39e4e8 Add proxycommand and new lines to templates. 2019-11-05 16:41:17 -08:00
Mariano Cano
3ee0dcec93 Add initial support for check-host endpoint. 2019-11-05 16:41:17 -08:00
Mariano Cano
a50d59338e Rename SSH methods. 2019-11-05 16:41:17 -08:00
Mariano Cano
e84489775b Add support for multiple ssh roots. 
Fixes #125
 2019-11-05 16:41:17 -08:00
Mariano Cano
7b8bb6deb4 Add initial support for ssh config. 
Related to smallstep/cli#170
 2019-11-05 16:41:17 -08:00
Mariano Cano
fe3149cf52 Add endpoint to return the SSH public keys. 
Related to smallstep/ca-component#195
 2019-11-05 16:41:17 -08:00
Mariano Cano
10e7b81b9f Merge branch 'master' into ssh-ca 2019-09-05 23:06:01 +02:00
max furman
635c59ed24 Accept emails SANs 2019-08-23 15:59:30 -07:00
Mariano Cano
1c8f610ca9 Add initial implementation of an SSH CA using the JWK provisioner. 
Fixes smallstep/ca-component#187
 2019-07-23 18:46:43 -07:00
Mariano Cano
f9e2ea9bd6 Revert "Do not depend on config package." 
This reverts commit cc1c6f2cb4.
 2019-06-18 14:44:19 -07:00
Mariano Cano
cc1c6f2cb4 Do not depend on config package. 
Config package will panic if it cannot create the step path folder.
 2019-06-18 13:16:23 -07:00
Mariano Cano
01b6aebbf7 Make provisioner more configurable. 
The intention of this change is to make it usable from cert-manager.
 2019-06-17 19:01:04 -07:00
Mariano Cano
43c5831582 Merge branch 'master' into step-sds 2019-04-11 11:47:20 -07:00
max furman
ab4d569f36 Add /revoke API with interface db backend 2019-04-10 13:50:35 -07:00
Mariano Cano
888ef147fa Expose a way to update the transport. 2019-04-03 19:37:12 -07:00
Mariano Cano
5ce5a891f7 Add email SAN with email parameter in the JWK 2019-03-06 17:01:12 -08:00
Mariano Cano
262a9d0978
Merge pull request #27 from smallstep/mariano/renew-pool 
SDK should update certificate pools safely
 2019-02-06 16:56:38 -08:00
max furman
3415a1fef8 move SplitSANs to cli 2019-02-05 19:32:01 -08:00
max furman
6937bfea7b claims.SANS -> claims.SANs 2019-02-04 20:22:02 -08:00
Mariano Cano
4c9dccd3f6 Allow multiple certificates in the root pem. 2019-02-04 10:29:52 -08:00
max furman
f0683c2e0a Enable signing certificates with custom SANs 
* validate against SANs in token. must be 1:1 equivalent.
 2019-01-30 18:21:03 -06:00
Mariano Cano
dbd1bf11f1 Rename variable. 2019-01-14 17:35:38 -08:00
Mariano Cano
7dc61bf233 Remove deprecated code 2019-01-11 19:13:06 -08:00
Mariano Cano
518b597535 Remove mTLS client requirement in /roots and /federation 2019-01-11 19:08:08 -08:00
Mariano Cano
d296cf95a9 Add mTLS request to get all the root CAs, not the federated ones. 2019-01-07 17:48:56 -08:00
Mariano Cano
722bcb7e7a Add initial support for federated root certificates. 2019-01-04 17:51:32 -08:00
Mariano Cano
b0a410066b Add support for parsing endpoints without schema. 
Fixes smallstep/ca-component#117
 2018-11-26 18:29:45 -08:00
max furman
c74fcd57a7 ca-component -> certificates 
* fix redundant error check
* add README
 2018-10-31 21:36:01 -07:00