Commit Graph

409 Commits

Author SHA1 Message Date
Mariano Cano
d647ba3e9c Allow to specify audience when generating JWK provisioner tokens
This commit allows to set custom audiences to generate X.509 and SSH
related tokens. This change is backward compatible with the current
interface.

Fixes @2323
2025-07-01 18:36:20 -07:00
Herman Slatman
acf4387180 Fix new golangci-lint v2 linter issues 2025-05-21 12:21:47 +02:00
Herman Slatman
8815e60a36 Fix flaky client timeout test
It looks like the server sleep wasn't always enough to trigger
the timeout of the `fail with timeout` test. The server sleep
has been increased, and the timeout decreased to prevent this
from happening.
2025-04-03 13:36:06 +02:00
Herman Slatman
3135a2caec Add default timeout to CA and Admin client 2025-04-01 16:24:36 +02:00
Mariano Cano
d8993aca7c Add option to specify a client timeout
This commit adds to the ca Client a new option to specify the client
timeout.

Fixes #2176
2025-04-01 15:51:28 +02:00
Herman Slatman
27944b4eae Fix linter issues 2025-02-18 11:04:54 +01:00
Herman Slatman
f4736325fa Use github.com/smallstep/linkedca @ v0.23.0 2025-01-03 18:24:19 +01:00
Panagiotis Siatras
809c7023c9 Transport wrappers (#2103)
* internal/httptransport: implemented Wrapper & NoopWrapper

* added transport wrappers

* addressed review comments
2024-12-12 09:51:36 -08:00
Panagiotis Siatras
c986962154 internal/httptransport: initial implementation of the package (#2098)
* internal/httptransport: initial implementation of the package
* authority: refactored for httptransport
* ca: refactored for httptransport
* test: refactored for httptransport
2024-12-10 18:03:37 +02:00
Herman Slatman
b45b73f4cc Use github.com/smallstep/cli-utils instead of go.step.sm/cli-utils 2024-10-28 10:53:44 +01:00
Herman Slatman
aeb5e1b366 Address linter issues 2024-08-20 16:54:29 +02:00
Mariano Cano
683f2dfff3 Fix unit test 2024-07-24 12:24:03 -07:00
Mariano Cano
f3f484cee2 Log errors using slog.Logger
This commit allows logging errors in a slog.Logger injected in the
context. This type of logger is not currently used directly in step-ca,
but this will change in the future.
2024-05-15 15:40:40 -07:00
Mariano Cano
10f6a901ec Let the CA determine the RA lifetime
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of requiring always 24h.

This commit also fixes linter warnings.

Related to #1094
2024-03-12 14:29:55 -07:00
Herman Slatman
b8510dd5b2 Make the requestid an exported middleware 2024-03-07 10:41:19 +01:00
Herman Slatman
bbb80cde16 Add startup error shutdown message to log 2024-03-05 15:34:13 +01:00
Herman Slatman
f02d4546a9 Handle CA server startup errors 2024-03-05 11:08:24 +01:00
Herman Slatman
d392c169fc Improve functional coverage of request ID integration test 2024-03-04 12:00:08 +01:00
Herman Slatman
0898c6db97 Use UUIDv4 as automatically generated client request identifier 2024-03-01 01:04:31 +01:00
Herman Slatman
b9d6bfc1eb Cleanup CA client tests by removing smallstep/assert 2024-02-28 14:39:38 +01:00
Herman Slatman
532b9df0a3 Improve CA client request ID handling 2024-02-28 13:57:37 +01:00
Herman Slatman
7e5f10927f Decouple request ID middleware from logging middleware 2024-02-28 13:18:10 +01:00
Herman Slatman
2255857b3a Fix client shadowing and e2e request ID test case 2024-02-28 10:50:49 +01:00
Herman Slatman
5c2572c443 Add support for user provider X-Request-Id header value 2024-02-28 01:55:35 +01:00
Herman Slatman
cf8a50157f Add a basic e2e test for X-Request-Id reflection 2024-02-28 01:05:38 +01:00
Herman Slatman
c1c2e73475 Add X-Request-Id to all requests made by our CA clients 2024-02-27 17:04:21 +01:00
Mariano Cano
503e5046ea Merge branch 'master' into allow_custom_tls_config 2024-02-14 12:11:00 -08:00
Mariano Cano
beea482a0c Fix linter errors in ca/ca.go 2024-02-14 12:09:03 -08:00
Mariano Cano
ac773ff44e Merge branch 'master' into allow_external_x509_ca_service_intf 2024-02-14 11:38:39 -08:00
Mariano Cano
9fcdd3ffa6 Fix format warnings on ca/ca.go 2024-02-14 11:34:25 -08:00
Panagiotis Siatras
dd1ff9c15b Implementation of the Prometheus endpoint (#1669)
Implementation of the http://{metricsAddress}/metrics Prometheus endpoint.
2024-01-25 23:47:27 -08:00
Venky Gopal
356e7070ef Allow usage of externally supplied TLS config 2024-01-21 09:26:40 -05:00
Venky Gopal
fbc1e895c2 Allow x509 Service CA implementation to be injected through ca and authority options 2024-01-21 08:50:09 -05:00
Mariano Cano
b20af51f32 Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Herman Slatman
ffe079f31b Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Dominic Evans
231b5d8406 chore(deps): upgrade github.com/go-chi/chi to v5
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.

See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4

Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
2023-09-20 11:26:32 +01:00
Herman Slatman
d9f56cdbdc Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-04 15:24:19 +02:00
Mariano Cano
d739aab345 Define BaseContext before starting the server in tests
If the http.Server BaseContext is not defined before the start of the
server, it might not be properly set depending on the goroutine
scheduler. This was causing random errors on CI.
2023-08-17 12:56:26 -07:00
Herman Slatman
fc1fb51854 Improve SCEP authority initialization and reload 2023-08-02 18:35:38 +02:00
Herman Slatman
1ce80cf740 Merge branch 'master' into herman/scep-provisioner-decrypter 2023-07-27 01:03:26 +02:00
Mariano Cano
0c3a1aea38 Wait for Accept in TestBootstrapClientServerRotation
The TestBootstrapClientServerRotation often fails because the reload
returns once the Server loop gets the new listener, but the server
hasn't really started yet. This commit makes the test pass, adding a
small sleep after the reload.

A proper fix might require a wrapper over the listener and an ACK
callback on a sync.Once on a custom Accept.
2023-07-19 14:56:09 -07:00
guoguangwu
4c70abcd62 chore: log error 2023-07-08 17:20:18 +08:00
Herman Slatman
8fc3a46387 Refactor the SCEP authority initialization
Instead of relying on an intermediate `scep.Service` struct,
initialize the `scep.Authority` directly. This removes one redundant
layer of indirection.
2023-06-01 15:50:51 +02:00
Herman Slatman
6985b4be62 Clean up the SCEP authority and provisioner 2023-06-01 14:43:32 +02:00
Herman Slatman
180162bd6a Refactor SCEP provisioner and decrypter 2023-06-01 12:10:54 +02:00
max furman
8b256f0351 address linter warning for go 1.19 2023-05-09 23:47:28 -07:00
Herman Slatman
f9ec62f46c Merge branch 'master' into herman/improve-scep-marshaling 2023-05-04 10:47:53 +02:00
Herman Slatman
5e35aca29c Use CRLConfig.IsEnabled 2023-05-02 15:17:50 +02:00
Herman Slatman
60a4512abe Add /crl and /1.0/crl to the insecure HTTP handler 2023-05-02 14:58:32 +02:00
Mariano Cano
7700bb77da Remove old call to compact 2023-03-01 17:37:56 -08:00