Herman Slatman
d981b9e0dc
Add --admin-subject
flag to ca init
...
The first super admin subject can now be provided through the
`--admin-subject` flag when initializing a CA.
It's not yet possible to configure the subject of the first
super admin when provisioners are migrated from `ca.json` to the
database. This effectively limits usage of the flag to scenarios
in which the provisioners are written to the database immediately,
so when `--remote-management` is enabled. It currently also doesn't
work with Helm deployments, because there's no mechanism yet to
pass this type of option to the Helm chart.
This commit partially addresses https://github.com/smallstep/cli/issues/697
2022-10-14 16:03:41 +02:00
Herman Slatman
c423e2f664
Improve Helm test data to be more realistic
2022-10-14 13:52:27 +02:00
Herman Slatman
317efa4568
Add some TODOs for improvingin PKI initialization maintainability
2022-10-11 17:39:35 +02:00
max furman
ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors
2022-09-20 16:35:41 -07:00
Mariano Cano
369b8f81c3
Use go.step.sm/crypto/kms
...
Fixes #975
2022-08-08 17:58:18 -07:00
Carl Tashian
9848caf49f
Create the db directory on step ca init
2022-01-12 12:35:37 -08:00
max furman
7fac8c96c3
Merge branch 'master' into max/context
2021-11-17 11:40:01 -08:00
max furman
d37313bef4
Use 0600 for profile defaults file.
2021-11-16 21:47:14 -08:00
max furman
fcc15174ea
Rename templates and create profileConfig dir ahead of time.
2021-11-16 21:47:14 -08:00
max furman
43cba993bb
PR fixes
...
- Line -> PrependLine
- dont' overwrite profileDefaults
- update ssh/config.tpl to always include includes file
2021-11-16 21:47:14 -08:00
max furman
3e9830e363
Use profileDefaults in PKI
...
- write profile defaults at the same time as authority defaults
2021-11-16 21:47:14 -08:00
max furman
d777fc23c2
Add ca.WithInsecure and use methods for file names
2021-11-16 21:47:14 -08:00
max furman
ed4b56732e
updates after rebase to keep up with master
2021-11-16 21:47:14 -08:00
max furman
7eeebca529
Enable step path contexts in identity and pki paths
2021-11-16 21:47:14 -08:00
max furman
10db335f13
mv pkg config -> step
2021-11-16 21:47:14 -08:00
Mariano Cano
a2b03083c8
Fix gocritic warnings.
2021-10-12 15:28:08 -07:00
Mariano Cano
e15b5faf7d
Merge branch 'master' into keyvault
2021-10-12 15:15:35 -07:00
Mariano Cano
5d0bd7d155
Fix grammar in comments.
2021-10-12 15:14:01 -07:00
Mariano Cano
781d5fb6e8
Fix creation of ssh certificates on step ca init.
2021-10-08 14:25:24 -07:00
max furman
933b40a02a
Introduce gocritic linter and address warnings
2021-10-08 14:59:57 -04:00
Mariano Cano
ece67fefff
Add support for kms in pki package.
...
Adding support to kms in the pki packages opens the door to use
kms implementations in `step ca init`
2021-10-07 17:28:39 -07:00
Mariano Cano
4fde7b5250
Use badgerv2 the default in helm too.
...
Use also port 443 for the ca-url, as we usually access through the
service, this can be overridden by --with-ca-url flag in the cli.
2021-09-17 12:49:16 -07:00
Mariano Cano
8cb62b6d67
Fix ssh in helm chart values.
2021-08-26 10:20:16 -07:00
Mariano Cano
516b74f43a
Add comment about unused code.
2021-08-23 15:33:16 -07:00
Mariano Cano
ff25f4974f
Fix comment.
2021-08-23 15:29:18 -07:00
Mariano Cano
b1f59586ab
Update message to align with UI.
2021-08-13 11:59:12 -07:00
Mariano Cano
66f6c73655
Update badger driver to use v2 by default.
2021-08-11 11:19:29 -07:00
Mariano Cano
072ba4227c
Add deployment type to config.
...
This field is ignored except for the start of the ca. If the type
is linked and the token is not passed, it will fail with an error.
2021-08-10 17:07:15 -07:00
Mariano Cano
56bb3eb6e1
Add next steps for linked ca.
2021-08-10 14:54:31 -07:00
Mariano Cano
47a30f1524
Add JWK provisioner to generic config.
...
Fix linter errors.
2021-08-06 14:58:03 -07:00
Mariano Cano
640f523150
Remove unused function.
2021-08-06 14:31:49 -07:00
Mariano Cano
81004ce1f9
Remove deprecated functions.
2021-08-05 17:36:18 -07:00
Mariano Cano
79cf059447
Remove deprecated methods and write all pki files at once.
2021-08-05 15:57:13 -07:00
Mariano Cano
ad4dbd6764
Write all files on save.
2021-08-05 12:58:54 -07:00
Mariano Cano
50f7a0d0c0
Work in progress implementation of PKI with helm support
2021-08-04 20:15:26 -07:00
Mariano Cano
721459210e
Make pki initialization more flexible.
2021-08-02 16:07:30 -07:00
max furman
7b5d6968a5
first commit
2021-05-19 15:20:16 -07:00
Mariano Cano
9270d432ea
Remove unused code.
2020-11-03 12:44:54 -08:00
Mariano Cano
1d48f00723
Add method to create a CertificateAuthorityResponse.
2020-11-03 12:44:54 -08:00
Mariano Cano
2b4b902975
Add initial support for step ca init
with cloud cas.
...
Fixes smallstep/cli#363
2020-11-03 12:44:28 -08:00
Mariano Cano
40d0596b71
Use smallstep/cli-utils instead of smallstep/cli
2020-10-29 13:10:03 -07:00
Mariano Cano
d46990d4c4
Add support for step ca init with a RA.
2020-10-19 18:42:03 -07:00
Mariano Cano
6a7b564ef9
Unify indent type.
...
This change changes the indentation used by `step ca init` to be
consistent with Config.Save used by `step ca provisioner *`.
2020-10-13 18:53:45 -07:00
Carl Tashian
fd07e25e61
Change Gitter links to GH Discussions tab
2020-09-23 16:36:37 -07:00
Mariano Cano
c94a1c51be
Merge branch 'master' into ssh-cert-templates
2020-08-24 15:08:28 -07:00
Mariano Cano
ba918100d0
Use go.step.sm/crypto/jose
...
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
Mariano Cano
d30a95236d
Use always go.step.sm/crypto
2020-08-14 15:33:50 -07:00
Mariano Cano
8c2d5425e7
Use new x509util on pki package.
2020-08-10 19:05:27 -07:00
Mariano Cano
4943ae58d8
Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates.
2020-08-10 15:29:18 -07:00
max furman
3fb116f1b4
Add SSHPOP default provisioner if SSH enabled during init
2020-07-31 11:05:26 -07:00