github-personal/certificates
1
0
Fork 0
mirror of https://github.com/outbackdingo/certificates.git synced 2026-01-27 10:18:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,261 Commits 1 Branch 0 Tags
d037ed6ff2d82785e751dc2e2273a12125ebb59c
Commit Graph

396 Commits

Author SHA1 Message Date
Mariano Cano
10f6a901ec Let the CA determine the RA lifetime 
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of requiring always 24h.

This commit also fixes linter warnings.

Related to #1094
 2024-03-12 14:29:55 -07:00
Herman Slatman
b8510dd5b2 Make the requestid an exported middleware 2024-03-07 10:41:19 +01:00
Herman Slatman
bbb80cde16 Add startup error shutdown message to log 2024-03-05 15:34:13 +01:00
Herman Slatman
f02d4546a9 Handle CA server startup errors 2024-03-05 11:08:24 +01:00
Herman Slatman
d392c169fc Improve functional coverage of request ID integration test 2024-03-04 12:00:08 +01:00
Herman Slatman
0898c6db97 Use UUIDv4 as automatically generated client request identifier 2024-03-01 01:04:31 +01:00
Herman Slatman
b9d6bfc1eb Cleanup CA client tests by removing smallstep/assert 2024-02-28 14:39:38 +01:00
Herman Slatman
532b9df0a3 Improve CA client request ID handling 2024-02-28 13:57:37 +01:00
Herman Slatman
7e5f10927f Decouple request ID middleware from logging middleware 2024-02-28 13:18:10 +01:00
Herman Slatman
2255857b3a Fix client shadowing and e2e request ID test case 2024-02-28 10:50:49 +01:00
Herman Slatman
5c2572c443 Add support for user provider X-Request-Id header value 2024-02-28 01:55:35 +01:00
Herman Slatman
cf8a50157f Add a basic e2e test for X-Request-Id reflection 2024-02-28 01:05:38 +01:00
Herman Slatman
c1c2e73475 Add X-Request-Id to all requests made by our CA clients 2024-02-27 17:04:21 +01:00
Mariano Cano
503e5046ea Merge branch 'master' into allow_custom_tls_config 2024-02-14 12:11:00 -08:00
Mariano Cano
beea482a0c Fix linter errors in ca/ca.go 2024-02-14 12:09:03 -08:00
Mariano Cano
ac773ff44e Merge branch 'master' into allow_external_x509_ca_service_intf 2024-02-14 11:38:39 -08:00
Mariano Cano
9fcdd3ffa6 Fix format warnings on ca/ca.go 2024-02-14 11:34:25 -08:00
Panagiotis Siatras
dd1ff9c15b Implementation of the Prometheus endpoint (#1669) 
Implementation of the http://{metricsAddress}/metrics Prometheus endpoint.
 2024-01-25 23:47:27 -08:00
Venky Gopal
356e7070ef Allow usage of externally supplied TLS config 2024-01-21 09:26:40 -05:00
Venky Gopal
fbc1e895c2 Allow x509 Service CA implementation to be injected through ca and authority options 2024-01-21 08:50:09 -05:00
Mariano Cano
b20af51f32 Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Herman Slatman
ffe079f31b Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Dominic Evans
231b5d8406 chore(deps): upgrade github.com/go-chi/chi to v5 
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.

See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4

Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
 2023-09-20 11:26:32 +01:00
Herman Slatman
d9f56cdbdc Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-04 15:24:19 +02:00
Mariano Cano
d739aab345 Define BaseContext before starting the server in tests 
If the http.Server BaseContext is not define before the start of the
server, it might not be properly set depending on the goroutine
scheduler. This was causing random errors on CI.
 2023-08-17 12:56:26 -07:00
Herman Slatman
fc1fb51854 Improve SCEP authority initialization and reload 2023-08-02 18:35:38 +02:00
Herman Slatman
1ce80cf740 Merge branch 'master' into herman/scep-provisioner-decrypter 2023-07-27 01:03:26 +02:00
Mariano Cano
0c3a1aea38 Wait for Accept in TestBootstrapClientServerRotation 
The TestBootstrapClientServerRotation often fails because the reload
returns once the Server loop gets the new listener, but the server
hasn't really started yet. This commit makes the test pass, adding a
small sleep after the reload.

A proper fix might require a wrapper over the listener and an ACK
callback on a sync.Once on a custom Accept.
 2023-07-19 14:56:09 -07:00
guoguangwu
4c70abcd62 chore: log error 2023-07-08 17:20:18 +08:00
Herman Slatman
8fc3a46387 Refactor the SCEP authority initialization 
Instead of relying on an intermediate `scep.Service` struct,
initialize the `scep.Authority` directly. This removes one redundant
layer of indirection.
 2023-06-01 15:50:51 +02:00
Herman Slatman
6985b4be62 Clean up the SCEP authority and provisioner 2023-06-01 14:43:32 +02:00
Herman Slatman
180162bd6a Refactor SCEP provisioner and decrypter 2023-06-01 12:10:54 +02:00
max furman
8b256f0351 address linter warning for go 1.19 2023-05-09 23:47:28 -07:00
Herman Slatman
f9ec62f46c Merge branch 'master' into herman/improve-scep-marshaling 2023-05-04 10:47:53 +02:00
Herman Slatman
5e35aca29c Use CRLConfig.IsEnabled 2023-05-02 15:17:50 +02:00
Herman Slatman
60a4512abe Add /crl and /1.0/crl to the insecure HTTP handler 2023-05-02 14:58:32 +02:00
Mariano Cano
7700bb77da Remove old call to compact 2023-03-01 17:37:56 -08:00
Mariano Cano
831a1e35ea Add support for compating the badger db 
This commit adds a job that will compact the badger db periodically.
In the nosql package, when Compact is called, it will run badger's
RunValueLogGC method.
 2023-03-01 17:16:34 -08:00
max furman
fd921e5b26 successful isEnabled check should not return error 2023-01-10 15:02:23 -08:00
max furman
0b26698e72 Add IsEnabled method in AdminClient for checking admin API availability 2023-01-10 14:56:36 -08:00
Herman Slatman
b5961beba9 Fix and/or ignore linting issues 2022-12-21 16:02:26 +01:00
Herman Slatman
319333f936 Add WithContext methods to the CA client 2022-12-21 12:56:56 +01:00
Herman Slatman
f2e1c56c6c Improve SCEP provisioner marshaling 2022-12-13 09:33:31 +01:00
Mariano Cano
fcfd2b9bdc Return an appropriate error when requests fail 
If an http client Do method fails, it always returns an *url.URL error,
this change generalizes all those errors in one common method instead of
returning an fake HTTP error.

Fixes smallstep/cli#738
 2022-11-10 14:49:16 -08:00
Mariano Cano
47bd5a80d9 Set dialer local address with STEP_CLIENT_ADDR 
The environment variable STEP_CLIENT_ADDR can be used to set the local
address to use when dialing an address. This can be useful when step
is behind an CIDR-based ACL.

Fixes smallstep/cli#730
 2022-11-09 15:49:19 -08:00
Herman Slatman
54c560f620 Improve configuration file initialization log output 2022-10-24 15:22:37 +02:00
Herman Slatman
da5d2b405c Merge branch 'master' into herman/remote-management-helm 2022-10-13 23:36:50 +02:00
max furman
7203739369 Fix err assert linter warnings - upgrade outdated package 2022-10-12 16:32:26 -07:00
Herman Slatman
c9ee4a9f9d Disable initialization log output if started with --quiet 2022-10-11 12:19:48 +02:00
Andrew Reed
7101fbb0ee Provisioner webhooks (#1001) 2022-09-29 19:16:26 -05:00