| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-01-27 | Add a public_file_prefix option to cashier.conf | Kevin Lyda | |
| Allow the client to save the public key and public cert to files that start with public_file_prefix and end with .pub and -cert.pub respectively. This is the naming scheme the ssh IdentityFile config option supported for certs starting in version 5.4p1. Starting in version 7.2p1, an additional option, CertificateFile, was added, but the IdentityFile-only method with those names still works. Used in conjunction with a user's ~/.ssh/config file setting IdentitiesOnly and IdentityFile, this change will allow for multiple ssh CAs for different services. Note that this will resolve #49 . | |||
| 2017-01-25 | Create a gitlab auth source. | Kevin Lyda | |
| Defaults to public gitlab.com, but easily redirected to self-hosted installation. | |||
| 2017-01-25 | Switch to scl, an extension of hcl | Niall Sheridan | |
| 2017-01-15 | Add more context to errors | Niall Sheridan | |
| 2017-01-13 | Use wkfs to manage the lets encrypt cache | Niall Sheridan | |
| 2017-01-09 | Merge branch 'master' into opts2 | Niall Sheridan | |
| 2017-01-08 | Remove dbinit and use sql/js seed files | Niall Sheridan | |
| 2017-01-06 | Check that tls cert/key are set if use_tls is true | Niall Sheridan | |
| 2017-01-05 | Move GetPublicKey to the shared `lib` package | Niall Sheridan | |
| 2017-01-04 | Simplify key generation | Niall Sheridan | |
| Use functions to build key generation options. Make it entirely optional. | |||
| 2016-12-29 | Use vendored s3 wkfs | Niall Sheridan | |
| 2016-12-28 | Add LetsEncrypt support | Niall Sheridan | |
| When configured the server will request a TLS certificate for the specified server name from LetsEncrypt | |||
| 2016-10-11 | Replace the 'datastore' option with a 'database' option | Niall Sheridan | |
| The 'datastore' string option is deprecated and will be removed in a future version. The new 'database' map option is preferred. | |||
| 2016-10-06 | Add support for Hashicorp Vault | Niall Sheridan | |
| Vault is supported for the following: As a well-known filesystem for TLS cert, TLS key and SSH signing key. For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options. | |||
| 2016-10-06 | Use wkfs when loading tls certs | Niall Sheridan | |
| 2016-09-30 | Use json.NewDecoder to decode json from http | Niall Sheridan | |
| 2016-09-11 | Add a toggle for unexpired certs | Niall Sheridan | |
| 2016-09-10 | Make client a top-level package for consistency | Niall Sheridan | |
| 2016-09-03 | Add comments for exported types and functions | Niall Sheridan | |
| 2016-09-03 | Move signing & agent logic out of the main package | Niall Sheridan | |
| 2016-09-01 | Remove the Principal field from the request | Niall Sheridan | |
| The server will always overwrite this field with the username obtained from the auth provider. Allowing the client to set it is a waste of time. | |||
| 2016-08-27 | Allow setting some config from environment | Niall Sheridan | |
| 2016-08-27 | Update dependencies | Niall Sheridan | |
| 2016-08-26 | First attempt at dropping privileges | sid77 | |
| 2016-08-20 | Replace Fatals with Errors | Niall Sheridan | |
| 2016-08-20 | Run some tests in parallel | Niall Sheridan | |
| 2016-08-20 | Use references to config structs | Niall Sheridan | |
| 2016-08-20 | Add key expiry time to the comment | Niall Sheridan | |
| 2016-08-16 | Allow selecting which ip to listen on | Niall Sheridan | |
| 2016-08-16 | Add private key along certificate | sid77 | |
| 2016-08-15 | Ensure the /sign url is valid before use | Niall Sheridan | |
| 2016-08-09 | Document sqlite | Niall Sheridan | |
| 2016-08-09 | SQLite DB support | Niall Sheridan | |
| 2016-08-08 | Don't use local files | Niall Sheridan | |
| 2016-08-07 | Use bootstrap | Niall Sheridan | |
| Move templates and static under server/ | |||
| 2016-08-05 | Add an authdb flag for mongo | Niall Sheridan | |
| 2016-08-01 | Fix and enable handers test | Niall Sheridan | |
| 2016-07-31 | Support mongo datastores | Niall Sheridan | |
| 2016-07-31 | Use a KRL for revoked certs | Niall Sheridan | |
| 2016-07-24 | Add a page for revoking certs | Niall Sheridan | |
| Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints | |||
| 2016-07-17 | Add some handlers tests | Niall Sheridan | |
| 2016-07-03 | first pass at a certificate store | Niall Sheridan | |
| 2016-06-30 | Configurable logfile location | Niall Sheridan | |
| 2016-06-28 | http logging | Niall Sheridan | |
| 2016-06-27 | Updated agent lib accepts *ed25519.PrivateKey | Niall Sheridan | |
| 2016-06-06 | Merge pull request #18 from nsheridan/agent_lifetime | Niall Sheridan | |
| Remove certs from the agent when they expire | |||
| 2016-06-06 | Merge pull request #16 from nsheridan/s3 | Niall Sheridan | |
| Add AWS S3 and Google GCS virtual filesystems | |||
| 2016-06-06 | Save oauth 'state' identifier in the client | Niall Sheridan | |
| 2016-06-05 | Add AWS S3 and Google GCS virtual filesystems. | Niall Sheridan | |
| This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>. | |||
| 2016-06-02 | Set an expiry on keys added to the agent | Niall Sheridan | |
 |
index : cashier | |
| Mirror of Cashier, a SSH Certificate Authority (CA). | Ben |
| aboutsummaryrefslogtreecommitdiff |