Commit Graph

45 Commits (f3d1863ec6d835955eca079519c4839ecfcfe0ee)

Author SHA1 Message Date
max furman f3d1863ec6
A few more linter errors 2 years ago
max furman 1e0ea6f958
more linting fixes 2 years ago
Mariano Cano f0a24bd8ca
Add acme property to enable challenges
Fixes #1027
2 years ago
max furman ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2 years ago
Mariano Cano 42102d88d5 Fix merge and add unit tests 2 years ago
Mariano Cano ee7307bd41 Cherry-pick acme.go from acdfdf3 2 years ago
Mariano Cano 1e098aef5b Fixes ACMEAttestationFormat comment 2 years ago
Mariano Cano ba42aaf865 Add attestationFormat property in the ACME provisioner 2 years ago
Mariano Cano fd4e96d1f4 Rename method to IsChallengeEnabled 2 years ago
Mariano Cano c77b4ff9c5 Fix linter errors 2 years ago
Mariano Cano 59c5219a07 Use a type for acme challenges 2 years ago
Mariano Cano bca311b05e Add acme property to enable challenges
Fixes #1027
2 years ago
Herman Slatman 5e9bce508d
Unexport GetPolicy() 2 years ago
Herman Slatman 6e1f8dd7ab
Refactor policy engines into container 2 years ago
Herman Slatman c40a4d2694
Contain policy engines inside provisioner Controller 2 years ago
Herman Slatman 0bb15e16f9
Fix missing ACME provisioner option 2 years ago
Herman Slatman 9e0edc7b50
Add early authority policy evaluation to ACME order API 2 years ago
Herman Slatman dc23fd23bf
Merge branch 'master' into herman/allow-deny-next 2 years ago
Mariano Cano 259e95947c Add support for the provisioner controller
The claimer, audiences and custom callback methods are now managed
by the provisioner controller in a uniform way.
2 years ago
Herman Slatman 3ec9a7310c
Fix ACME order identifier allow/deny check 2 years ago
Herman Slatman 7c541888ad
Refactor configuration of allow/deny on authority level 2 years ago
Herman Slatman c1424036bf
Merge branch 'master' into herman/allow-deny 2 years ago
Herman Slatman 512b8d6730
Refactor instantiation of policy engines
Instead of using the `base` struct, the x509 and SSH policy
engines are now added to each provisioner directly.
2 years ago
Herman Slatman 6440870a80
Clean up, improve test cases and coverage 2 years ago
Herman Slatman 6bc0513468
Add more tests 2 years ago
Herman Slatman 9539729bd9
Add initial implementation of x509 and SSH allow/deny policy engine 2 years ago
Herman Slatman d799359917
Merge branch 'master' into hs/acme-eab 2 years ago
Herman Slatman a7fbbc4748
Add tests for GetCertificateBySerial 2 years ago
Herman Slatman f31ca4f6a4
Add tests for validateExternalAccountBinding 3 years ago
Herman Slatman f81d49d963
Add first working version of External Account Binding 3 years ago
Herman Slatman 258efca0fa
Improve revocation authorization 3 years ago
max furman 9fdef64709 Admin level API for provisioner mgmt v1 3 years ago
max furman 638766c615 wip 3 years ago
Mariano Cano 6c64fb3ed2 Rename provisioner options structs:
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
4 years ago
Mariano Cano a7fe0104c4 Remove ACME restrictions and add proper template support. 4 years ago
Mariano Cano 49b9aa6e3f Fix log string. 4 years ago
Mariano Cano 81cd288104 Enable templates in acme provisioners. 4 years ago
max furman 6e69f99310 Always set nbf and naf for new ACME orders ...
- Use the default value from the ACME provisioner if values are not
defined in the request.
4 years ago
Oleksandr Kovalchuk 322200b7db
Implement modifier to set CommonName
Implement modifier which sets CommonName to the certificate if
CommonName is empty and forceCN is set in the config. Replace previous
implementation introduced in 0218018cee
with new modifier.

Closes https://github.com/smallstep/certificates/issues/259
Ref: https://github.com/smallstep/certificates/pull/260#issuecomment-628961322
4 years ago
Oleksandr Kovalchuk 503c9f6101
Add config option to force CN
Add configuration option `forceCN` to ACME provisioner. When this option
is set to `true`, provisioner should generate Subject.CommonName for
certificate if it was not present in the request. Default value of
`false` should keep the existing behavior (do not modify CSR and
certificate).

Ref: https://github.com/smallstep/certificates/issues/259
4 years ago
max furman 1cb8bb3ae1 Simplify statuscoder error generators. 4 years ago
max furman dccbdf3a90 Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
4 years ago
max furman 29853ae016 sshpop provisioner + ssh renew | revoke | rekey first pass 4 years ago
max furman d368791606 Add x5c provisioner capabilities 5 years ago
max furman e3826dd1c3 Add ACME CA capabilities 5 years ago