Skip to content

Releases: smallstep/certificates

Step CA v0.28.0 (24-10-30)

30 Oct 00:20
df13aae
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.28.0_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.28.0_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.28.0_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • df13aae Update changelog for v0.28.0 (#2051)
  • 77667e7 Merge pull request #2049 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.18.2
  • 5147c60 Bump cloud.google.com/go/security from 1.18.1 to 1.18.2
  • efd324d Merge pull request #2048 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.6.2
  • a51f670 Merge pull request #2047 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.35.1
  • 9943bf1 Merge pull request #2050 from smallstep/dependabot/go_modules/google.golang.org/api-0.203.0
  • bb8605c Add DisableSSHCAUser and DisableSSHCAHost options to linkedca GCP provisioner (#2045)
  • 95a6cad Bump google.golang.org/api from 0.201.0 to 0.203.0
  • 99baf67 Bump cloud.google.com/go/longrunning from 0.6.1 to 0.6.2
  • bfe436b Bump github.com/newrelic/go-agent/v3 from 3.35.0 to 3.35.1
  • 34ba7a2 Merge pull request #2046 from smallstep/herman/refactor-cli-utils-import
  • b45b73f Use github.com/smallstep/cli-utils instead of go.step.sm/cli-utils
  • 88443dd Use dnsNamesSubsetValidator for IID provisioners (#2044)
  • 946bba2 Merge pull request #2040 from smallstep/dependabot/go_modules/github.com/prometheus/client_golang-1.20.5
  • 61fb5f4 Merge pull request #2039 from smallstep/dependabot/go_modules/google.golang.org/api-0.201.0
  • 5afe6b1 Bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5
  • 6ce8f7d Bump google.golang.org/api from 0.200.0 to 0.201.0

Thanks!

Those were the changes on v0.28.0!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.27.5 (24-10-17)

17 Oct 20:58
8d0b4d7
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.27.5_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.27.5_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.27.5_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • 8d0b4d7 Update changelog for 0.27.5 (#2035)
  • d4f96b5 Merge pull request #2032 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.16
  • 89a4708 Bump github.com/urfave/cli from 1.22.15 to 1.22.16
  • 3aa8627 Merge pull request #2031 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.35.0
  • 3e2be3e Merge pull request #2029 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.54.0
  • 7e4560e Merge pull request #2030 from smallstep/dependabot/go_modules/google.golang.org/api-0.200.0
  • 4d59f35 Merge pull request #2034 from smallstep/mariano/http-client
  • 6b872e8 Do not fail creating the provisioner HTTP client
  • ac93ce8 Bump github.com/newrelic/go-agent/v3 from 3.34.0 to 3.35.0
  • 2831a8a Bump google.golang.org/api from 0.199.0 to 0.200.0
  • b0acbee Bump go.step.sm/crypto from 0.53.0 to 0.54.0
  • 03c4b18 Merge pull request #2020 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.35.1
  • 55b097a Fix protobuf enum field type error message comparison test
  • ebcb6a1 Bump google.golang.org/protobuf from 1.34.2 to 1.35.1
  • 46b7e12 Merge pull request #2021 from smallstep/dependabot/go_modules/golang.org/x/net-0.30.0
  • 43b68da Bump golang.org/x/net from 0.29.0 to 0.30.0
  • 01b8a67 Merge pull request #2022 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.28.0
  • cd87739 Bump golang.org/x/crypto from 0.27.0 to 0.28.0
  • 26b7ca6 Merge pull request #1994 from smallstep/herman/pkcs7-windows-scep-fix
  • bd49471 Fix and/or silence linter issues
  • 4545659 Fix SCEP Windows client integration test for Go 1.23
  • 69486d3 Refactor preparation of test SCEP CAs
  • a0dd8d5 Add test case emulating Windows SCEP client
  • f1a8d1a Merge pull request #2015 from smallstep/dependabot/go_modules/google.golang.org/api-0.199.0
  • a8fa6e0 Bump google.golang.org/api from 0.198.0 to 0.199.0
  • b8d5147 Merge pull request #2018 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.67.1
  • 442677f Bump google.golang.org/grpc from 1.67.0 to 1.67.1
  • a8c2f4d Merge pull request #2017 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.53.0
  • 8a7d3cf Bump go.step.sm/crypto from 0.52.0 to 0.53.0
  • 45f44e4 Add option for the logging middleware to log real IP (#2002)
  • 5909db6 Merge pull request #2009 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.6.1
  • 3520d17 Merge pull request #2007 from smallstep/dependabot/go_modules/github.com/prometheus/client_golang-1.20.4
  • 27b1dd4 Bump cloud.google.com/go/longrunning from 0.6.0 to 0.6.1
  • b599056 Bump github.com/prometheus/client_golang from 1.20.3 to 1.20.4
  • 2dc75cf Merge pull request #2005 from smallstep/dependabot/go_modules/google.golang.org/api-0.198.0
  • ab71b58 Merge pull request #2006 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.18.1
  • 0a8ac03 Merge pull request #2008 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.8.0
  • 65aae5d Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.7.0 to 0.8.0
  • 964ecd9 Bump cloud.google.com/go/security from 1.18.0 to 1.18.1
  • ebe782b Bump google.golang.org/api from 0.197.0 to 0.198.0
  • e7841d8 Merge pull request #1998 from smallstep/dependabot/go_modules/google.golang.org/api-0.197.0
  • cb6e474 Merge pull request #1999 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.8.0
  • dee71eb Bump google.golang.org/api from 0.196.0 to 0.197.0
  • 705f90d Merge pull request #1997 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.52.0
  • 4b19f81 Bump github.com/hashicorp/vault/api/auth/approle from 0.7.0 to 0.8.0
  • bc56c9a Merge pull request #1996 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/aws-0.8.0
  • d7168a6 Merge pull request #2000 from smallstep/dependabot/go_modules/github.com/slackhq/nebula-1.9.4
  • e9f3bc4 Bump github.com/slackhq/nebula from 1.9.3 to 1.9.4
  • edba68b Bump go.step.sm/crypto from 0.51.2 to 0.52.0
  • 6be2a41 Bump github.com/hashicorp/vault/api/auth/aws from 0.7.0 to 0.8.0
  • 35a4d6e Fix typo in legacy X509 certificate parser comment
  • f088f92 Fix for failing Windows SCEP enrollment certificates

Thanks!

Those were the changes on v0.27.5!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.27.4 (24-09-13)

13 Sep 17:55
364629e
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.27.4_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.27.4_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.27.4_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

Thanks!

Those were the changes on v0.27.4!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.27.4-rc1 (24-09-13)

13 Sep 16:48
736e1ec
Compare
Choose a tag to compare
Pre-release

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.27.4-rc1_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.27.4-rc1_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.27.4-rc1_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • 736e1ec [ci] Missing permission in goreleaser job

Thanks!

Those were the changes on v0.27.4-rc1!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.27.2 (24-07-18)

18 Jul 21:28
077f688
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.27.2_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.27.2_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.27.2_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • 077f688 Add changelog for 0.27.2 & 0.27.1 | update changelog for 0.27.0 (#1934)
  • eb503c7 Merge pull request #1931 from smallstep/mariano/console
  • 797f577 Merge pull request #1929 from smallstep/dependabot/go_modules/go.step.sm/linkedca-0.22.1
  • 61ffb32 Merge pull request #1928 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.17.3
  • 8b89dd1 Update step_config.tpl template
  • b67eb9d Bump go.step.sm/linkedca from 0.21.1 to 0.22.1
  • 53f616d Bump cloud.google.com/go/security from 1.17.0 to 1.17.3

Thanks!

Those were the changes on v0.27.2!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.27.1 (24-07-12)

12 Jul 21:52
3897771
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.27.1_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.27.1_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.27.1_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • 3897771 Merge pull request #1926 from smallstep/mariano/dns
  • 3e61796 Add a flag to enable strict DNS resolution
  • 0a9dd62 [actions] use ref_name as release name (#1924)

Thanks!

Those were the changes on v0.27.1!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.27.0 (24-07-12)

12 Jul 07:28
3978d2b
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.27.0_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.27.0_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.27.0_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • 3978d2b Update changelog for 0.27.0 | add actionlint | update go.step.sm/crypto (#1923)
  • 383d281 Merge pull request #1765 from smallstep/mariano/init-provisioners
  • 343e730 Remove Disabled provisioner add add an Uninitialized state
  • 3908932 Merge branch 'master' into mariano/init-provisioners
  • b6da1de Merge pull request #1922 from smallstep/mariano/identity
  • ffbbdf6 Update api/ssh.go
  • 955338a Create identity uri on any provisioner
  • 95afe68 Merge pull request #1920 from smallstep/mariano/crypto
  • 191f1a5 Fix unit tests after introduction of rawSubject
  • 8f19b3d Upgrades go.step.sm/crypto
  • e28eae7 Merge pull request #1919 from smallstep/mariano/fix-acme-http-port
  • 8ac876d Fix HTTP01 challenge url when --acme-http-host is used
  • 0eee6f0 Merge pull request #1918 from smallstep/carl/make-install-path
  • e81512d Merge pull request #1913 from smallstep/herman/improve-missing-device-attestation-error
  • ecd6c62 Mirrors smallstep/cli#1214
  • a7d4141 Merge pull request #1915 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.33.1
  • 530810f Merge pull request #1914 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.5.9
  • 2590690 Merge pull request #1916 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.65.0
  • a553907 Bump google.golang.org/grpc from 1.64.0 to 1.65.0
  • 78aa7b0 Bump github.com/newrelic/go-agent/v3 from 3.33.0 to 3.33.1
  • e733cf9 Bump cloud.google.com/go/longrunning from 0.5.8 to 0.5.9
  • 5fecc2b Fix HTTP internal server error when bad attestation object is provided
  • bc35b0c Merge pull request #1911 from smallstep/mariano/crypto-update
  • f93ad60 Upgrade go.step.sm/crypto
  • b9657b6 Merge pull request #1910 from smallstep/mariano/dns
  • 87c8020 make fmt
  • 2b30ae5 Show clean URL on HTTP-01 errors
  • c79a4d5 Add helper annotation on test function
  • ed71ac0 Wait for CA to start in a goroutine
  • 5817c95 Upgrade github.com/smallstep/nosql
  • 5c07d20 Do strict DNS lookup on ACME
  • 8829b42 Merge pull request #1903 from smallstep/mariano/validity
  • f8bda96 Apply suggestions from code review
  • caea80d Use a tagged version of go.step.sm/crypto
  • 1704ab9 Merge pull request #1908 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.5.8
  • b3f538f Merge pull request #1907 from smallstep/dependabot/go_modules/github.com/go-chi/chi/v5-5.1.0
  • 143c027 Merge pull request #1906 from smallstep/dependabot/go_modules/google.golang.org/api-0.186.0
  • 596dcb9 Bump cloud.google.com/go/longrunning from 0.5.7 to 0.5.8
  • 0ca263c Bump github.com/go-chi/chi/v5 from 5.0.14 to 5.1.0
  • 12e7089 Bump google.golang.org/api from 0.185.0 to 0.186.0
  • cb9abbe Add support for validities in templates
  • a85723d Merge pull request #1897 from smallstep/dependabot/go_modules/google.golang.org/api-0.185.0
  • c3beeaf Merge branch 'master' into dependabot/go_modules/google.golang.org/api-0.185.0
  • 367d90d Merge pull request #1898 from smallstep/dependabot/go_modules/github.com/go-chi/chi/v5-5.0.14
  • 27bea35 Bump github.com/go-chi/chi/v5 from 5.0.12 to 5.0.14
  • 5eb1849 Merge pull request #1896 from smallstep/dependabot/github_actions/softprops/action-gh-release-2.0.6
  • ee69818 Merge branch 'master' into dependabot/go_modules/google.golang.org/api-0.185.0
  • 7ff52f6 Merge pull request #1899 from smallstep/dependabot/go_modules/github.com/fxamacker/cbor/v2-2.7.0
  • 12c2e75 Update goreleaser YML version (#1901)
  • d12d866 Bump github.com/fxamacker/cbor/v2 from 2.6.0 to 2.7.0
  • 43bf6b5 Bump google.golang.org/api from 0.184.0 to 0.185.0
  • fffffc6 Bump softprops/action-gh-release from 2.0.5 to 2.0.6
  • 9bf6a83 Merge pull request #1891 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.34.2
  • 43bdd61 Bump google.golang.org/protobuf from 1.34.1 to 1.34.2
  • 1563c26 Merge pull request #1890 from smallstep/dependabot/go_modules/google.golang.org/api-0.184.0
  • 14230d8 Merge pull request #1889 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.47.1
  • 958c344 Bump google.golang.org/api from 0.183.0 to 0.184.0
  • 8a78924 Bump go.step.sm/crypto from 0.47.0 to 0.47.1
  • 890e81c [actions] dependabot to common workflow | move to new release action (#1887)
  • 2d4bc95 Merge pull request #1883 from smallstep/dependabot/go_modules/github.com/Azure/azure-sdk-for-go/sdk/azidentity-1.6.0
  • 93ca1e2 Merge branch 'master' into dependabot/go_modules/github.com/Azure/azure-sdk-for-go/sdk/azidentity-1.6.0
  • 7bc9d15 Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
  • 06a9d2e Allow custom SCEP key manager
  • 976bf0c Do not fail if a provisioner cannot be initialized

Thanks!

Those were the changes on v0.27.0!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.26.2 (24-06-13)

13 Jun 18:03
d6973c9
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.26.2_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.26.2_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.26.2_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • d6973c9 Set date for 0.26.2 release in changelog (#1886)
  • d4b2916 Changelog update for 0.26.2 (#1885)
  • f9e5971 Merge pull request #1884 from smallstep/mariano/linkedca
  • c8e65ab Fix linter warnings
  • b4616ee Upgrade linkedca
  • 634ece4 Merge pull request #1802 from jdoupe/AuthParams
  • a017c0e Merge branch 'master' into AuthParams
  • 8b36f7b Merge pull request #1878 from smallstep/dependabot/go_modules/google.golang.org/api-0.183.0
  • 30b2cd1 Merge branch 'master' into dependabot/go_modules/google.golang.org/api-0.183.0
  • a0b9360 Merge pull request #1879 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.24.0
  • d5171be Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.24.0
  • 6e12cfa Merge pull request #1880 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.47.0
  • d1de1ad Merge branch 'master' into dependabot/go_modules/google.golang.org/api-0.183.0
  • 0ce8fb6 Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.24.0
  • 3b9631b Merge branch 'master' into dependabot/go_modules/go.step.sm/crypto-0.47.0
  • 474f5d2 Update hardcoded AWS certs (#1881)
  • 7ab8391 Bump go.step.sm/crypto from 0.46.0 to 0.47.0
  • 23f120e Bump golang.org/x/crypto from 0.23.0 to 0.24.0
  • e3444c0 Bump google.golang.org/api from 0.182.0 to 0.183.0
  • 669d992 Merge pull request #1870 from smallstep/dependabot/go_modules/google.golang.org/api-0.182.0
  • 68c5238 Merge pull request #1869 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.7.0
  • 4884379 Merge pull request #1868 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.46.0
  • 437154d Bump google.golang.org/api from 0.181.0 to 0.182.0
  • 2a9bbff Bump github.com/hashicorp/vault/api/auth/approle from 0.6.0 to 0.7.0
  • 4d7ca9d Bump go.step.sm/crypto from 0.45.1 to 0.46.0
  • 587d0d5 Merge pull request #1858 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.17.0
  • 34fde59 Bump cloud.google.com/go/security from 1.16.1 to 1.17.0
  • fe8c3d3 Merge pull request #1859 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.7.0
  • 013c2f2 Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.6.0 to 0.7.0
  • 4208b0a Merge pull request #1860 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.14.0
  • 6de7aa9 Merge pull request #1861 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.45.1
  • f3e4f0a Bump go.step.sm/crypto from 0.45.0 to 0.45.1
  • 2b8f3e7 Bump github.com/hashicorp/vault/api from 1.13.0 to 1.14.0
  • 47b5048 Merge pull request #1850 from smallstep/mariano/signer
  • 7d6eea0 Merge pull request #1853 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.64.0
  • 99ce13a Fix linter warnings
  • 5cdfc2c Bump google.golang.org/grpc from 1.63.2 to 1.64.0
  • 980687b Merge pull request #1854 from smallstep/dependabot/go_modules/google.golang.org/api-0.181.0
  • 8121a05 Bump google.golang.org/api from 0.180.0 to 0.181.0
  • ad0ac55 Merge pull request #1844 from smallstep/mariano/account-provisioner
  • 192e90e Merge branch 'master' into mariano/account-provisioner
  • 812ffd3 Reverse assert statements
  • d0548f9 Use %q instead of '%s'
  • 14959db Merge pull request #1849 from smallstep/mariano/log-errors
  • c0b7c33 Use a function as the error logger
  • 9e8087f Add GetX509Signer method
  • 8673818 Split provisioner check in two cases
  • f3f484c Log errors using slog.Logger
  • fdb0cf0 Merge pull request #1848 from smallstep/mariano/intermediates
  • d4862a2 Add methods to get the intermediate certificates
  • e08b277 Merge pull request #1847 from smallstep/mariano/x5c-insecure
  • b6afed3 Upgrade go.step.sm/crypto to v0.45.0
  • 9355923 Merge pull request #1839 from smallstep/dependabot/go_modules/google.golang.org/api-0.180.0
  • a8e9a18 Bump google.golang.org/api from 0.177.0 to 0.180.0
  • 803d3d3 Merge pull request #1840 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.34.1
  • e0e7ae6 Merge pull request #1841 from smallstep/dependabot/go_modules/golang.org/x/net-0.25.0
  • 72a8bb3 Merge pull request #1842 from smallstep/dependabot/go_modules/github.com/prometheus/client_golang-1.19.1
  • 5fa5a63 Verify provisioner with id if available
  • 9cbdc73 Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1
  • 42341c7 Bump golang.org/x/net from 0.24.0 to 0.25.0
  • 0dff5c4 Bump google.golang.org/protobuf from 1.34.0 to 1.34.1
  • e3ba702 Merge pull request #1827 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.23.0
  • fe29cca Merge pull request #1828 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.33.0
  • 8cf5e3c Merge pull request #1829 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.5.7
  • 928d446 Bump golang.org/x/crypto from 0.22.0 to 0.23.0
  • e11833e Bump cloud.google.com/go/longrunning from 0.5.6 to 0.5.7
  • 591b9f7 Merge pull request #1826 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.16.1
  • a2f2332 Merge pull request #1831 from smallstep/mariano/err-not-found
  • b1e31b1 Use always acme.IsErrNotFound
  • cca6f6d Merge pull request #1830 from smallstep/mariano/provisioner-id
  • d037ed6 Add provisioner id to acme accounts
  • 9b25665 Bump github.com/newrelic/go-agent/v3 from 3.32.0 to 3.33.0
  • 8933a2e Bump cloud.google.com/go/security from 1.16.0 to 1.16.1
  • 2c71543 Merge pull request #1817 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.44.8
  • 949e2fd Fix test error expectation in TestAuthorityNew
  • 281efbb Bump go.step.sm/crypto from 0.44.6 to 0.44.8
  • 14b1211 Merge pull request #1815 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.15
  • 0b894a0 Merge pull request #1816 from smallstep/dependabot/go_modules/google.golang.org/api-0.176.1
  • 20e315b Merge pull request #1819 from smallstep/mariano/not-found
  • 296ac4e Make ISErrNotFound more flexible
  • 28a87bb Merge pull request #1818 from smallstep/dependabot/github_actions/dependabot/fetch-metadata-2.1.0
  • bf03d56 Bump dependabot/fetch-metadata from 2.0.0 to 2.1.0
  • 6715c65 Bump google.golang.org/api from 0.176.0 to 0.176.1
  • 798e190 Bump github.com/urfave/cli from 1.22.14 to 1.22.15
  • 5072d7a chore: fix function names in comment (#1813)
  • 03c3cf5 fixed Scopes and AuthParams assignment
  • aa543a3 add Scopes to OIDC struct
  • 4879376 add AuthParams and Scopes to linkedca OIDC structures
  • 2fcf340 add AuthParams to OIDC struct

Thanks!

Those were the changes on v0.26.2!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.26.1 (24-04-22)

22 Apr 20:38
9cbab5a
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.26.1_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.26.1_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.26.1_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • 9cbab5a Add changelog for 0.26.1 (#1812)
  • d6bf551 Merge pull request #1803 from smallstep/herman/fix-scep-vault-ra
  • f4d506f Merge pull request #1811 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.13.0
  • 1e5e267 Remove leftover debug print
  • 760014c go mod tidy
  • 2561a72 Dedupe CA and SCEP client creation logic
  • 3965305 Bump github.com/hashicorp/vault/api from 1.12.2 to 1.13.0
  • 65cfee5 Merge pull request #1810 from smallstep/dependabot/go_modules/google.golang.org/api-0.176.0
  • 8d4effc Bump google.golang.org/api from 0.172.0 to 0.176.0
  • 4a37559 Merge pull request #1809 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.44.6
  • d7ed031 Merge pull request #1808 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.16.0
  • 8720200 Rewrite SCEP integration tests to only use the HTTPS endpoint
  • 57a6b85 Bump go.step.sm/crypto from 0.44.4 to 0.44.6
  • 0ba61c5 Bump cloud.google.com/go/security from 1.15.6 to 1.16.0
  • b0fabe1 Add some SCEP integration tests
  • 113a6dd Remove reporting the CA mode from startup logs
  • 6bc0a86 Fix CA startup with Vault RA configuration
  • 07279dd Merge pull request #1801 from smallstep/herman/upgrade-crypto-v0.44.4
  • 4c6b0b3 Upgrade go.step.sm/crypto to v0.44.4
  • f1a2c68 Merge pull request #1798 from smallstep/herman/fix-instrumented-key-manager
  • 7df3ad0 Merge pull request #1797 from smallstep/mariano/init-scep
  • 4202d66 Remove debug statement
  • d6bbe5b Add support for kmsapi.Decrypter to instrumented key manager
  • 721345e Merge pull request #1793 from verytrap/master
  • db92404 chore: fix function names in comment
  • 725a913 Allow custom SCEP key manager
  • 397877a Merge pull request #1795 from smallstep/herman/fix-scep-failinfo-oid
  • b226b6e Prevent exposing any internal details in SCEP failure message
  • 02956ad Merge pull request #1794 from smallstep/herman/fix-scep-failinfo-oid
  • 037554e Fix the id-scep-failInfoText OID
  • 1513152 Merge pull request #1791 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.32.0
  • c9ba31a Bump github.com/newrelic/go-agent/v3 from 3.31.0 to 3.32.0
  • 1f69ff8 Merge pull request #1792 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.63.2
  • a76f071 Bump google.golang.org/grpc from 1.62.1 to 1.63.2
  • 08ef9fe Merge pull request #1789 from smallstep/dependabot/go_modules/golang.org/x/net-0.24.0
  • 57d6285 Bump golang.org/x/net from 0.22.0 to 0.24.0
  • d5758ba Merge pull request #1784 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.31.0
  • 166c496 Merge pull request #1785 from smallstep/dependabot/go_modules/google.golang.org/api-0.172.0
  • 1be0932 Merge pull request #1786 from smallstep/carl/winget-fix
  • f04a5e3 Fix winget release URL
  • d1523c9 Bump google.golang.org/api from 0.171.0 to 0.172.0
  • 44c48a7 Bump github.com/newrelic/go-agent/v3 from 3.30.0 to 3.31.0
  • 188e4e3 Add version number to winget branch name (#1783)

Thanks!

Those were the changes on v0.26.1!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CA v0.26.0 (24-03-29)

29 Mar 03:52
395a3ee
Compare
Choose a tag to compare

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.26.0_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.26.0_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.26.0_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • 395a3ee Update go.step.sm/crypto (#1781)
  • 4772d7c Merge pull request #1780 from smallstep/herman/update-changelog-20240328
  • 854288a Update changelog for v0.26.0 release
  • 4016b69 Merge pull request #1776 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.12.2
  • b5b723e Merge pull request #1775 from smallstep/dependabot/go_modules/google.golang.org/api-0.171.0
  • 0a6e79a Merge pull request #1778 from smallstep/dependabot/github_actions/dependabot/fetch-metadata-2.0.0
  • 9d86361 Bump github.com/hashicorp/vault/api from 1.12.1 to 1.12.2
  • 7e05343 Merge pull request #1774 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.44.1
  • 014b4ef Bump dependabot/fetch-metadata from 1.6.0 to 2.0.0
  • 21734f7 Bump google.golang.org/api from 0.169.0 to 0.171.0
  • 927cd97 Bump go.step.sm/crypto from 0.43.1 to 0.44.1

Thanks!

Those were the changes on v0.26.0!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.