Mariano Cano
d46990d4c4
Add support for step ca init with a RA.
2020-10-19 18:42:03 -07:00
Mariano Cano
ef92a3a6d7
Move cas options under authority.
2020-10-19 18:08:51 -07:00
Mariano Cano
6838233416
Merge pull request #395 from smallstep/aws-identity-cert
...
Add option to specify the AWS IID certificates to use.
2020-10-15 17:14:20 -07:00
Mariano Cano
6a7b564ef9
Unify indent type.
...
This change changes the indentation used by `step ca init` to be
consistent with Config.Save used by `step ca provisioner *`.
2020-10-13 18:53:45 -07:00
Mariano Cano
7d1686dc53
Add option to specify the AWS IID certificates to use.
...
This changes adds a new option `iidRoots` that allows a user to
define one or more certificates that will be used for AWS IID
signature validation.
Fixes #393
2020-10-13 17:51:24 -07:00
Mariano Cano
647b9b4541
Merge pull request #367 from smallstep/cas
...
Support for CAS Interface and CloudCAS
2020-10-05 18:09:01 -07:00
Mariano Cano
3e0ab8fba7
Fix typo.
2020-10-05 18:00:50 -07:00
Mariano Cano
d64427487d
Add comment about the missing error check.
2020-10-05 17:39:44 -07:00
Mariano Cano
8381e9bd17
Fix typos.
2020-10-05 17:20:22 -07:00
Carl Tashian
329f401e58
Update cas.md
...
Needed to run two commands to set up IAM roles because passing `--role` twice only uses the second value passed.
2020-09-29 15:46:53 -07:00
Carl Tashian
3f55f22b2e
Update cas.md
...
Added `--location` flag to a couple of the commands
2020-09-29 15:24:15 -07:00
Carl Tashian
c963883d60
Merge pull request #377 from smallstep/gh-discussions
...
Change Gitter links to GH Discussions tab
2020-09-28 14:10:12 -07:00
Mariano Cano
7d779e12db
Change service account name.
2020-09-24 12:45:19 -07:00
Mariano Cano
52d857a302
Update CloudCAS instructions.
2020-09-24 12:43:25 -07:00
Mariano Cano
066c7ee10b
Fix iam permissions.
2020-09-24 12:37:29 -07:00
Carl Tashian
fd07e25e61
Change Gitter links to GH Discussions tab
2020-09-23 16:36:37 -07:00
Mariano Cano
42ce78ed43
Add initial docs for CAS.
2020-09-22 13:32:48 -07:00
Mariano Cano
072adc906e
Print root fingerprint for CloudCAS.
2020-09-22 13:23:48 -07:00
Mariano Cano
8e6d7accf8
Do not add the CRL distribution points extension.
...
This extension is added by CloudCAS.
2020-09-21 17:09:46 -07:00
Mariano Cano
38fa780775
Add interface to get root certificate from CAS.
...
This change makes easier the configuration of cloudCAS as it does
not require to configure the root or intermediate certificate
in the ca.json. CloudCAS will get the root certificate using
the configured certificateAuthority.
2020-09-21 15:27:20 -07:00
Mariano Cano
fa099f2ae2
Change method name.
2020-09-21 15:11:25 -07:00
Mariano Cano
d0086fe9ba
Merge pull request #375 from smallstep/admin-templates
...
Use new admin template for K8ssa and admin-OIDC provisioners.
2020-09-21 13:58:09 -07:00
Mariano Cano
4c8bf87dc1
Use new admin template for K8ssa and admin-OIDC provisioners.
...
This change replaces the .Insecure.CR template to one that sets
all the SANs, but uses key usages and extended key usages for
regular TLS certificates.
2020-09-21 12:49:16 -07:00
Mariano Cano
309d9ddcc4
Merge pull request #374 from smallstep/missing-token-ids
...
Create a hash of a token if a token id is empty.
2020-09-21 10:02:58 -07:00
Mariano Cano
d79b4e709e
Create a hash of a token if a token id is empty.
2020-09-18 16:25:08 -07:00
Mariano Cano
656315bd61
Merge pull request #371 from smallstep/bundle-awskms-init
...
Add step-awskms-init to the binary releases.
2020-09-18 11:12:26 -07:00
Mariano Cano
c2fd6a8421
Add step-awskms-init to the binary releases.
...
Fixes 332
2020-09-18 11:01:54 -07:00
Mariano Cano
4f3b24af8f
Merge pull request #370 from smallstep/yubi-management-key
...
Make the YubiKey management key configurable.
2020-09-17 16:15:24 -07:00
Mariano Cano
f100b2d0e3
Make the YubiKey management key configurable.
...
With this change the default management key is not required as the
user is able to set its own.
Fixes #323
2020-09-17 16:07:32 -07:00
Mariano Cano
a332c40530
Merge branch 'master' into cas
2020-09-17 14:46:52 -07:00
Mariano Cano
87bbcee239
Update go.sum
2020-09-17 11:17:46 -07:00
Mariano Cano
9573b47efb
Merge pull request #369 from acipia/master
...
avoid using yubikey attestation cert
2020-09-17 11:15:49 -07:00
max furman
3e874a1e72
Fix RHEL/CentOS install docs
2020-09-16 20:53:58 -07:00
Mariano Cano
884a6f5dd0
Skip test on CI.
2020-09-16 14:03:26 -07:00
Mariano Cano
91aa1e87f1
Do not use go 1.15 methods.
2020-09-16 13:51:49 -07:00
Mariano Cano
60515d92c5
Remove unnecessary properties.
2020-09-16 13:31:26 -07:00
Pierre Laden
692f7692a2
fix #2 indentation
2020-09-16 22:26:53 +02:00
Pierre Laden
290d5ee979
fix gofmt complain
2020-09-16 22:15:42 +02:00
Pierre Laden
179e793f1a
- provide PINpolicy always to piv-go to avoid trying to use attestation cert, which we might not have
...
- bump piv-go version to 1.6.0
2020-09-16 21:59:48 +02:00
Mariano Cano
f2dd5c48cc
Fix linting errors.
2020-09-16 12:41:43 -07:00
Mariano Cano
8957e5e5a2
Add missing tests
2020-09-16 12:34:42 -07:00
Mariano Cano
e146b3fe16
Add Unit tests for softcas.
2020-09-15 19:37:02 -07:00
Mariano Cano
1550a21f68
Fix unit tests.
2020-09-15 18:14:21 -07:00
Mariano Cano
e17ce39e3a
Add support for Revoke using CAS.
2020-09-15 18:14:03 -07:00
Mariano Cano
144ffe73dd
Complete unit tests for Google CAS.
2020-09-15 17:23:11 -07:00
Mariano Cano
f7d066fca8
Fix key usages.
2020-09-15 15:19:59 -07:00
Mariano Cano
01e6495f43
Add most of cloudcas unit tests and minor fixes.
2020-09-14 19:13:40 -07:00
Mariano Cano
8eff4e77a8
Comment request structs.
2020-09-14 19:12:49 -07:00
Mariano Cano
bd8dd9da41
Do not read issuer and signer twice.
2020-09-10 19:13:17 -07:00
Mariano Cano
aad8f9e582
Pass issuer and signer to softCAS options.
...
Remove commented code and initialize CAS properly.
Minor fixes in CloudCAS.
2020-09-10 19:09:46 -07:00