Commit Graph

102 Commits (master)

Author SHA1 Message Date
Mariano Cano 3648c3fab6 Fix error message when --kms is not passed. 3 years ago
Mariano Cano 1d2146166b Close key manager. 3 years ago
Mariano Cano 51ac28656e Fix protection level for host keys in cloudkms script.
Fixes #460
3 years ago
Mariano Cano 7f9d7eadc9 Attempt to delete key and certificate with the same name.
Nitrokey will override the label of the key with the certificate one
if they are stored with the same id.
3 years ago
Mariano Cano 162c535705 Add option to not store certificates in the pkcs11 module. 3 years ago
Mariano Cano 8dca652bc7 Add support for PKCS #11 KMS.
The implementation works with YubiHSM2. Unit tests are still pending.

Fixes #301
3 years ago
Anton Lundin 3e6137110b Add support for using ssh-agent as a KMS
This adds a new KMS, SSHAgentKMS, which is a KMS to provide signing keys
for issuing ssh certificates signed by a key managed by a ssh-agent. It
uses the golang.org/x/crypto package to get a native Go implementation
to talk to a ssh-agent.

This was primarily written to be able to use gpg-agent to provide the
keys stored in a YubiKey's openpgp interface, but can be used for other
setups like proxying a ssh-agent over network.

That way the signing key for ssh certificates can be kept in a
"sign-only" hsm.

This code was written for my employer Intinor AB, but for simplicity's
sake gifted to me to contribute upstream.

Signed-off-by: Anton Lundin <glance@acc.umu.se>
4 years ago
Mariano Cano 40d0596b71 Use smallstep/cli-utils instead of smallstep/cli 4 years ago
Mariano Cano 647b9b4541
Merge pull request #367 from smallstep/cas
Support for CAS Interface and CloudCAS
4 years ago
Carl Tashian fd07e25e61 Change Gitter links to GH Discussions tab 4 years ago
Mariano Cano f100b2d0e3 Make the YubiKey management key configurable.
With this change the default management key is not required as the
user is able to set its own.

Fixes #323
4 years ago
Mariano Cano 1b1f73dec6 Early attempt to develop a CAS interface. 4 years ago
Mariano Cano d30a95236d Use always go.step.sm/crypto 4 years ago
Mariano Cano ddb4ca7a74 Move load of kms to main package.
With this change packages that import the authority won't load by
default all the supported kms with all its dependencies.

Fixes #228
4 years ago
Mariano Cano 26c89cf779 Rename method. 4 years ago
Mariano Cano 7a985b1470 Fix usage, remove unsupported flag. 4 years ago
Mariano Cano 5b680b2349 Add initialization script for an AWS KMS. 4 years ago
Mariano Cano 89e164dad6 Add AuthorityKeyId to cloudkms root cert. 4 years ago
Mariano Cano 97508ca215 Add AuthorityKeyId to root certificate.
Fix error string.
4 years ago
Mariano Cano 03a6789f0e Fix compile errors without cgo support. 4 years ago
Mariano Cano 025c0aa20f Display the proper yubikey uri. 4 years ago
Mariano Cano 22b86c3fcc Only rewrite keys with --force. 4 years ago
Mariano Cano 6868190fff Add initial support for yubikey. 4 years ago
Mariano Cano 6b01128bcc Reference root.Subject instead of hardcoding it. 4 years ago
Mariano Cano 1535e95d89 Add tool to initialize pki in cloud kms. 4 years ago
Mariano Cano 869ef70211
Merge pull request #172 from 256dpi/master
Added Resolver Option
4 years ago
Sebastian Tiedtke f2b95647f3 Use date range in copyright 4 years ago
Joël Gähwiler 445fcbe621 added resolver 4 years ago
Mariano Cano 4d423137f0 Re-enable profiler. 4 years ago
Mariano Cano c60641701b Add version endpoint. 4 years ago
Alan Christopher Thomas 8f08b47a9c Rough wiring for basics of connecting to onboarding flow 4 years ago
Mariano Cano 5013f7ffe0 Move ca commands to its own package. 5 years ago
Mariano Cano 0efae31a29 Generate PKI and start server using onboarding. 5 years ago
Mariano Cano bca5dcc326 Remove url from error message. 5 years ago
Mariano Cano 0c654d93ea Create method for onboard action and clean code. 5 years ago
Alan Christopher Thomas c0d1399c38 Change onboarding bootstrap command to step-ca onboard
cc @sourishkrout @maraino
5 years ago
Alan Christopher Thomas 7c0622e50e Make note about adding "admin" JWT provisioner 5 years ago
Alan Christopher Thomas 21baa69473 Fix linting errors and remove useless code 5 years ago
Alan Christopher Thomas 15f2935db1 Rough wiring for basics of connecting to onboarding flow 5 years ago
Mariano Cano 10e7b81b9f Merge branch 'master' into ssh-ca 5 years ago
max furman e3bd2d0e2b Custom AppHelpTemplate for step-ca 5 years ago
Mariano Cano 00ebee870b Do not show value on boolean flags help. 5 years ago
Mariano Cano 6592c4784b Fix flag parsing after the configuration file
Fixes #52
5 years ago
Sebastian Tiedtke 70f0a0e182 It's 2019 5 years ago
Mariano Cano 3f0a55418c Fix lint errors. 6 years ago
max furman 55d40a7f86 Change - overwrite help subcommand 6 years ago
max furman 054846d449 Fix version info CLI -> CA 6 years ago
max furman 86424b5b79 fix gofmt error 6 years ago
max furman 95d4d9c4c1 update the help and usage information 6 years ago
Mariano Cano e0877a03f2 Add version flag to step-ca. 6 years ago
max furman c74fcd57a7 ca-component -> certificates
* fix redundant error check
* add README
6 years ago
max furman c284a2c0ab first commit 6 years ago