Mariano Cano
|
f5d2f92099
|
Load identity certificate from disk in each connection.
|
2020-03-04 15:02:17 -08:00 |
|
Ivan Bertona
|
9052da66a3
|
Fix linter, tidy go.mod file.
|
2020-02-07 14:42:56 -05:00 |
|
Mariano Cano
|
3d6a18180e
|
Fix a couple of race conditions in the renewal of certificates.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
1cb8bb3ae1
|
Simplify statuscoder error generators.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
dccbdf3a90
|
Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
|
2020-01-28 13:29:40 -08:00 |
|
Mariano Cano
|
a025f72af7
|
Disable backdata on ca tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
a88ba8eb31
|
Use errs package for HTTP errors.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
47f4ac1b53
|
Add method to just write the identity certificate.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
14e59775bd
|
Add method to renew the identity.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
9aafe265d0
|
Should be returning nil from applyIdentity if cert expired.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
b9f6aacb0f
|
Move api errors to their own package and modify the typedef
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
65b4dda420
|
Add wrappers to identity methods in the ca package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
524c221c61
|
Add mTLS test for identity client.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
25144539f8
|
Improve identity tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
d85386d0b4
|
Add identity client and move identity to a new package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
9e7b86342b
|
Fix test.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
c6f6493bb7
|
Fail silently if the identity fails.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
3ac388612a
|
Use x5cInsecure token for /ssh/check-host endpoint
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
ab126d6405
|
Add GetTransport to client.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
2259f62638
|
Add method to create an ssh token.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
caa2b8dbb7
|
Add leeway in identity not before.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
0512f6e3e5
|
redundant variable type def
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
d2b1f1547f
|
Create a custom client that sends a custom User-Agent.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
5d7829b198
|
Replace /ssh/get-hosts to /ssh/hosts
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
2fe07cd79c
|
Fix tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
85d3843968
|
Add Identity helpers.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
50188fc901
|
Add version support to the ca.Client.
|
2020-01-28 13:28:17 -08:00 |
|
Mariano Cano
|
db3b795eea
|
Fix directory permissions.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
bbaf8e106e
|
Support for retry and identity files.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d555f310dc
|
Add support for identity authentication.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
f9e5b27e63
|
Add client method for SSHBastion
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
29853ae016
|
sshpop provisioner + ssh renew | revoke | rekey first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
862d704f6b
|
get-hosts fixes
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
5616386eed
|
Add SSH getHosts api
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
b8817ad648
|
Add proxycommand and new lines to templates.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
37f17213bb
|
Add initial support for check-host endpoint.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d08db4df23
|
Rename SSH methods.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
b5bc249e1c
|
Add support for multiple ssh roots.
Fixes #125
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
a35988ff08
|
Add initial support for ssh config.
Related to smallstep/cli#170
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
961be1fbc7
|
Add endpoint to return the SSH public keys.
Related to smallstep/ca-component#195
|
2020-01-28 13:28:16 -08:00 |
|
Max
|
0a96062b76
|
Merge pull request #128 from jkralik/returnCertChain
Change api of functions Authority.Sign, Authority.Renew
|
2019-10-18 14:00:18 -07:00 |
|
max furman
|
d368791606
|
Add x5c provisioner capabilities
|
2019-10-14 14:51:37 -07:00 |
|
max furman
|
7aec7c2612
|
Create ACME database tables when initializing ACME autority.
|
2019-10-14 14:51:03 -07:00 |
|
Jozef Kralik
|
bc6074f596
|
Change api of functions Authority.Sign, Authority.Renew
Returns certificate chain instead of 2 members.
Implements #126
|
2019-10-09 22:23:00 +02:00 |
|
max furman
|
fe7973c060
|
wip
|
2019-09-19 13:17:45 -07:00 |
|
max furman
|
e3826dd1c3
|
Add ACME CA capabilities
|
2019-09-13 15:48:33 -07:00 |
|
Mariano Cano
|
10e7b81b9f
|
Merge branch 'master' into ssh-ca
|
2019-09-05 23:06:01 +02:00 |
|
max furman
|
635c59ed24
|
Accept emails SANs
|
2019-08-23 15:59:30 -07:00 |
|
Mariano Cano
|
1c8f610ca9
|
Add initial implementation of an SSH CA using the JWK provisioner.
Fixes smallstep/ca-component#187
|
2019-07-23 18:46:43 -07:00 |
|
Mariano Cano
|
44e85b51f2
|
Add some extra coverage.
|
2019-06-21 15:12:36 -07:00 |
|