Mariano Cano
|
efc2180c4a
|
Complete AuthDB interface.
|
2019-11-14 10:49:13 -08:00 |
|
Mariano Cano
|
a4fd76f1a8
|
Make provisioner tests compile, they are still failing.
|
2019-11-14 10:48:06 -08:00 |
|
Mariano Cano
|
0c3b9ebf45
|
Fix indentation.
|
2019-11-13 11:18:05 -08:00 |
|
Mariano Cano
|
69a7058ff0
|
Remove global check for number of k8sSA provisioners.
This was causing a bug in the reload of the ca.
|
2019-11-08 17:44:39 -08:00 |
|
max furman
|
e679deddd7
|
sshpop token should not allow renew/rekey of user ssh certs
|
2019-11-07 21:39:36 -08:00 |
|
max furman
|
946094d2b7
|
Add multiuse capability to k8ssa provisioners
|
2019-11-06 15:54:04 -08:00 |
|
max furman
|
a9ea292bd4
|
sshpop provisioner + ssh renew | revoke | rekey first pass
|
2019-11-05 16:41:42 -08:00 |
|
max furman
|
b5f15531d8
|
sshpop first pass
|
2019-11-05 16:41:17 -08:00 |
|
max furman
|
64b69374fa
|
Add SSH getHosts api
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
cf2b9301c0
|
Change default user duration to 16h.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
e5da24f269
|
Fix list of user ssh public keys.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
91ccc3802c
|
Fix lint error.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
c2e20c7877
|
Add tests for ssh authority methods.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
40052a1824
|
Add some ssh related tests.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
38d735be6e
|
Add support for federated keys.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
3ee0dcec93
|
Add initial support for check-host endpoint.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
a50d59338e
|
Rename SSH methods.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
e84489775b
|
Add support for multiple ssh roots.
Fixes #125
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
caa2174efc
|
Add support for user data in templates.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
7b8bb6deb4
|
Add initial support for ssh config.
Related to smallstep/cli#170
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
c6a5772356
|
Fix tests.
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
fe3149cf52
|
Add endpoint to return the SSH public keys.
Related to smallstep/ca-component#195
|
2019-11-05 16:41:17 -08:00 |
|
Mariano Cano
|
dc6ffb7670
|
Add initial implementation of ssh config.
|
2019-11-05 16:41:17 -08:00 |
|
max furman
|
8f07ff6a39
|
Add kubernetes service account provisioner
|
2019-10-29 17:42:50 -07:00 |
|
Max
|
0a96062b76
|
Merge pull request #128 from jkralik/returnCertChain
Change api of functions Authority.Sign, Authority.Renew
|
2019-10-18 14:00:18 -07:00 |
|
max furman
|
d368791606
|
Add x5c provisioner capabilities
|
2019-10-14 14:51:37 -07:00 |
|
Jozef Kralik
|
bc6074f596
|
Change api of functions Authority.Sign, Authority.Renew
Returns certificate chain instead of 2 members.
Implements #126
|
2019-10-09 22:23:00 +02:00 |
|
Mariano Cano
|
59526d3225
|
Merge pull request #105 from smallstep/okta-support
Address support on OIDC provisioners
|
2019-09-20 15:33:11 -07:00 |
|
Mariano Cano
|
39b41b5e83
|
Merge pull request #107 from smallstep/ssh-valid-after
Truncate to seconds ValidAfter
|
2019-09-19 15:27:28 -07:00 |
|
Mariano Cano
|
d59a5b222f
|
Truncate to seconds to avoid rounding up times.
It can cause that certs are not valid yet, if they are used right away.
|
2019-09-19 13:42:24 -07:00 |
|
max furman
|
fe7973c060
|
wip
|
2019-09-19 13:17:45 -07:00 |
|
Mariano Cano
|
adc1d54b0d
|
Define valid after as 1m before now.
It avoids errors with immediate use of cert.
|
2019-09-19 12:37:41 -07:00 |
|
Mariano Cano
|
72f1a61f06
|
Increase coverage.
|
2019-09-18 18:08:26 -07:00 |
|
Mariano Cano
|
b7045f27a9
|
Increase coverage.
|
2019-09-18 17:13:58 -07:00 |
|
Mariano Cano
|
a16b2125bc
|
Fix tests.
|
2019-09-18 16:04:43 -07:00 |
|
Mariano Cano
|
6c4abfabbb
|
Make /.well-known/openid-configuration optional
|
2019-09-18 15:54:10 -07:00 |
|
Mariano Cano
|
3527ee6940
|
Add support for listenAddress parameter if OIDC provisioners.
Fixes smallstep/cli#150
|
2019-09-18 15:25:28 -07:00 |
|
max furman
|
44e864030d
|
Remove debug logging
|
2019-09-16 10:45:33 -07:00 |
|
max furman
|
e3826dd1c3
|
Add ACME CA capabilities
|
2019-09-13 15:48:33 -07:00 |
|
max furman
|
d204469280
|
Add a few more validity checks to default ssh cert validator
|
2019-09-12 19:27:59 -07:00 |
|
Mariano Cano
|
396b4222aa
|
Implement validator for ssh keys.
Fixes #100
|
2019-09-10 17:04:13 -07:00 |
|
max furman
|
61d52a8510
|
Small fixes associated with PR review
* additions and grammar edits to documentation
* clarification of error msgs
|
2019-09-08 21:05:36 -07:00 |
|
Mariano Cano
|
10e7b81b9f
|
Merge branch 'master' into ssh-ca
|
2019-09-05 23:06:01 +02:00 |
|
max furman
|
ac234771c7
|
Remove unknown provisioner WARNning and leave TODO
|
2019-08-29 10:49:52 -07:00 |
|
max furman
|
ca8daf5f12
|
Update comment and warn
|
2019-08-28 17:28:03 -07:00 |
|
Mariano Cano
|
9200f11ed8
|
Skip unsupported provisioners.
|
2019-08-28 17:25:39 -07:00 |
|
Max
|
5dac2459c3
|
Merge pull request #96 from smallstep/max/2084
Enforce >= 2048 bit rsa keys in CSRs
|
2019-08-28 09:41:58 -07:00 |
|
max furman
|
d3e74a0d2e
|
switch from metalinter to golangci-lint
|
2019-08-27 16:39:48 -07:00 |
|
max furman
|
2b41faa9cf
|
Enforce >= 2048 bit rsa keys at the provisioner layer
* Fixes #94
* In the future this should be configurable by provisioner
|
2019-08-27 14:44:59 -07:00 |
|
max furman
|
635c59ed24
|
Accept emails SANs
|
2019-08-23 15:59:30 -07:00 |
|