certificates
certificates copied to clipboard
smallstep
π‘οΈ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
### Steps to Reproduce 1. Follow [Vault RA mode](https://smallstep.com/docs/step-ca/registration-authority-ra-mode/#hashicorp-vault-ra-mode) setup docs. 2. Start up the RA and confirm it's working. 3. Add a SCEP provisioner by running `step ca provisioner...
## Hello! - Vote on this issue by adding a π reaction - If you want to implement this feature, comment to let us know (we'll work with you on...
This commit allows tying tokens with the provided CSR or SSH public key. Tokens with a confirmation claim kid (`cnf.kid`) will validate that the provided fingerprint (kid) matches the CSR...
This replaces https://github.com/smallstep/certificates/pull/1656
### Description In https://github.com/smallstep/certificates/discussions/1636, @daFritz84 proposes that binding JWT tokens for the JWK provisioner to a given CSR might be a good option to prevent some attacks. Optionally, adding a...
### Steps to Reproduce Run any `step-ca` command. ### Your Environment * OS - Fedora 39 * `step-ca` Version - CA/0.25.2 ### Expected Behavior It gives instruction that work. ###...
### Steps to Reproduce 1. Open an ACME order against a step-ca server 2. Answer the DNS-01 challenge for the order without properly populating DNS (or populating it with the...
This PR adds a new Dockerfile using an Alpine base with OpenSSL compiled in FIPS-mode and a binary built with `boringcrypto`. πThank you!
## Hello! - Vote on this issue by adding a π reaction - If you want to implement this feature, comment to let us know (we'll work with you on...
