Mariano Cano
|
28e882c9b3
|
Add deployment type to export.
|
2021-08-10 17:14:17 -07:00 |
|
Mariano Cano
|
072ba4227c
|
Add deployment type to config.
This field is ignored except for the start of the ca. If the type
is linked and the token is not passed, it will fail with an error.
|
2021-08-10 17:07:15 -07:00 |
|
Mariano Cano
|
56bb3eb6e1
|
Add next steps for linked ca.
|
2021-08-10 14:54:31 -07:00 |
|
Mariano Cano
|
47a30f1524
|
Add JWK provisioner to generic config.
Fix linter errors.
|
2021-08-06 14:58:03 -07:00 |
|
Mariano Cano
|
536536c92d
|
Wrap json errors.
|
2021-08-06 14:55:17 -07:00 |
|
Mariano Cano
|
640f523150
|
Remove unused function.
|
2021-08-06 14:31:49 -07:00 |
|
Mariano Cano
|
9d51c2cceb
|
Fix linter errors in the name of export methods.
|
2021-08-06 14:29:54 -07:00 |
|
Mariano Cano
|
16d3afb92a
|
Remove unused method.
|
2021-08-06 12:37:20 -07:00 |
|
Mariano Cano
|
d72fa953ac
|
Remove debug statements.
|
2021-08-05 18:50:18 -07:00 |
|
Mariano Cano
|
3f07eb597a
|
Implement revocation using linkedca.
|
2021-08-05 18:45:50 -07:00 |
|
Mariano Cano
|
81004ce1f9
|
Remove deprecated functions.
|
2021-08-05 17:36:18 -07:00 |
|
Mariano Cano
|
f643af7095
|
Update onboarding flow with new pki package.
|
2021-08-05 15:57:48 -07:00 |
|
Mariano Cano
|
79cf059447
|
Remove deprecated methods and write all pki files at once.
|
2021-08-05 15:57:13 -07:00 |
|
Mariano Cano
|
ad4dbd6764
|
Write all files on save.
|
2021-08-05 12:58:54 -07:00 |
|
Mariano Cano
|
50f7a0d0c0
|
Work in progress implementation of PKI with helm support
|
2021-08-04 20:15:26 -07:00 |
|
Mariano Cano
|
798b90c359
|
Move linkedca configuration to the main package.
|
2021-08-04 20:15:04 -07:00 |
|
Mariano Cano
|
de719eb6f0
|
Add an option to avoid password prompts on step cas
When we are using `step ca init` to create a stepcas RA we don't
have access to the password for verify the provisioner.
|
2021-08-04 16:16:35 -07:00 |
|
Mariano Cano
|
de292fbed6
|
Use branch version of linkedca.
|
2021-08-02 16:08:54 -07:00 |
|
Mariano Cano
|
721459210e
|
Make pki initialization more flexible.
|
2021-08-02 16:07:30 -07:00 |
|
Mariano Cano
|
384be6e205
|
Do not show provisioners if they are not required.
For deployment types like linked ca, the list of provisioners in
the ca.json are not required, so we should tag the json as omitempty.
|
2021-08-02 15:34:39 -07:00 |
|
Mariano Cano
|
b0e0f2b89d
|
Use linkedca GetAdmin and GetProvisioner.
|
2021-08-02 14:45:59 -07:00 |
|
Mariano Cano
|
91a369f618
|
Automatically enable admin properly on linked cas.
|
2021-08-02 12:13:39 -07:00 |
|
Mariano Cano
|
26122a2cbf
|
Enable admin automatically if a token is provided.
|
2021-08-02 11:48:37 -07:00 |
|
Carl Tashian
|
9572c62520
|
Merge pull request #657 from smallstep/ra-installer
RA install script
|
2021-08-02 11:39:02 -07:00 |
|
Mariano Cano
|
5344f42f21
|
Allow to use the environment variable STEP_CA_TOKEN
For helm charts we want to store the tokens in a secret and load
it from an environment variable.
|
2021-08-02 11:33:02 -07:00 |
|
Mariano Cano
|
2620c38aee
|
Add is converting provisioners to linkedca.
The ids are required to be able to link admins with provisioners.
|
2021-07-28 18:05:57 -07:00 |
|
Mariano Cano
|
e62d7988b8
|
Do not store password on exports.
|
2021-07-28 15:22:21 -07:00 |
|
Mariano Cano
|
ac363d7824
|
Add --password-file and --issuer-password-file flags to export.
|
2021-07-28 15:21:48 -07:00 |
|
Mariano Cano
|
4f27f4b002
|
Change default ciphersuites to newer names.
|
2021-07-28 13:56:05 -07:00 |
|
Carl Tashian
|
97af829805
|
RA install script
|
2021-07-28 13:55:35 -07:00 |
|
Mariano Cano
|
07f7316851
|
Add bastion to export.
|
2021-07-27 19:22:29 -07:00 |
|
Mariano Cano
|
0730a165fd
|
Add collection of files and authority template.
|
2021-07-27 19:19:58 -07:00 |
|
Mariano Cano
|
c7f8516142
|
Add to export all the information in the ca.json
|
2021-07-27 18:29:29 -07:00 |
|
Mariano Cano
|
887423ee6e
|
Update TLS cipher suites.
|
2021-07-27 18:29:10 -07:00 |
|
Carl Tashian
|
53d08e1f5c
|
Remove microbadger.com (the website is gone)
|
2021-07-27 12:03:52 -07:00 |
|
Carl Tashian
|
8f4c833845
|
Update README.md
|
2021-07-27 12:01:50 -07:00 |
|
Mariano Cano
|
dc1ec18b52
|
Create a way to export ca configurations.
|
2021-07-26 19:01:56 -07:00 |
|
Mariano Cano
|
d0c1530f89
|
Remove replace of linkedca package.
|
2021-07-26 14:48:01 -07:00 |
|
Mariano Cano
|
3a00b6b396
|
Properly marshal a certificate when we send it to linkedca.
|
2021-07-26 14:31:42 -07:00 |
|
Mariano Cano
|
4ad82a2f76
|
Check linkedca for revocation.
|
2021-07-23 16:10:13 -07:00 |
|
Mariano Cano
|
f7542a5bd9
|
Move check of ssh revocation from provisioner to the authority.
|
2021-07-21 15:22:57 -07:00 |
|
Carl Tashian
|
cff19691b3
|
Merge pull request #654 from smallstep/needs-renewal
Fix needs-renewal condition and switch to using ExecCondition
|
2021-07-21 14:34:42 -05:00 |
|
Carl Tashian
|
09b554f855
|
Merge pull request #609 from smallstep/discord
update gitter to discord
|
2021-07-21 12:24:27 -05:00 |
|
Carl Tashian
|
22ef324534
|
Fix needs-renewal condition and switch to using ExecCondition
|
2021-07-21 11:49:10 -05:00 |
|
Mariano Cano
|
71f8019243
|
Store x509 and ssh certificates on linkedca if enabled.
|
2021-07-20 18:16:24 -07:00 |
|
Mariano Cano
|
17eef81c91
|
Remove linkerd replace.
|
2021-07-20 14:55:07 -07:00 |
|
Mariano Cano
|
a72eab915b
|
Use linkedca v0.1.0
|
2021-07-20 12:59:59 -07:00 |
|
Mariano Cano
|
7c0faab73e
|
Remove now unused step-ca login.
|
2021-07-20 12:57:34 -07:00 |
|
Carl Tashian
|
f8c137af4f
|
Update provisioners.md
|
2021-07-20 10:32:18 -05:00 |
|
Carl Tashian
|
28acc1b7d2
|
Merge pull request #653 from smallstep/needs-renewal
systemd cert renewer can now use 'step certificate needs-renewal'
|
2021-07-20 09:38:52 -05:00 |
|