Development#10
Merged
Merged
Conversation
It is now possible to request certificates from a step-ca server with rudimentary parameters such as subject name, multiple SANs, output file format, encryption algorithm settings and optional encryption passwords for private keys and PFX bundles. The validators have been updated and a few code changes and improvements have been made.
I removed the hard to maintain __all__ definitions in favor of using explicit local imports. With a VSCode extension like isort it is much easier to sort and handle explicit imports ^^ The support functions file has been split up into separate categories to improve maintainability.
The certificate request workflow has been redesigned into a single, comprehensive menu, providing a clearer overview and making it easier to correct mistakes. I had to customize a part of questionary, which appears to contain a bug that causes the default selection to be displayed incorrectly.
All occurrences of os.path have been updated to use the modern pathlib library.
It is now possible to specify both a start and end date for a certificate’s validity. Note that the default step-ca server configuration limits validity to 24 hours, so this must be adjusted manually in the CA configuration to request a longer period.
The validators have been improved and the configuration file now uses the same validators as the console to ensure consistency.
The functions for checking the step-ca server's health and availability have been improved. The config option to trust unknown certificates has been removed, as step-cli requires the system to trust the step-ca server's root certificate to execute commands anyway.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.