Skip to content

Step CA v0.25.3-rc6 (24-02-27)

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 27 Feb 20:50
v0.25.3-rc6
This tag was signed with the committer’s verified signature.
hslatman Herman Slatman
GPG key ID: F4D8A44EA0A75A4F
Learn about vigilant mode.
fb4cd6f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.25.3-rc6_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.25.3-rc6_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.25.3-rc6_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • fb4cd6f fix: Webhook-related instruments
  • c798735 Merge pull request #1542 from smallstep/herman/webhook-request-id
  • 041b486 Remove usages of Sign without context
  • c16a0b7 Remove smallstep/assert and pkg/errors from webhook tests
  • 9689508 Add tests for webhook request IDs
  • 2a8b80a Merge branch 'master' into herman/webhook-request-id
  • 6ce502c Merge pull request #1741 from smallstep/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.2
  • 0d2aeff Merge pull request #1739 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.62.0
  • 5ee2e02 Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.2
  • e4bbe89 Bump google.golang.org/grpc from 1.61.0 to 1.62.0
  • 98a976b Merge pull request #1740 from smallstep/dependabot/go_modules/github.com/fxamacker/cbor/v2-2.6.0
  • a583b59 Merge pull request #1738 from smallstep/dependabot/go_modules/github.com/googleapis/gax-go/v2-2.12.2
  • 0b196b0 Bump github.com/fxamacker/cbor/v2 from 2.5.0 to 2.6.0
  • fa941dc Bump github.com/googleapis/gax-go/v2 from 2.12.0 to 2.12.2
  • bb6aae0 Merge pull request #1736 from patsevanton/master
  • c2dfe59 Сorrection of spelling errors
  • e968275 Merge pull request #1729 from patsevanton/master
  • 7e1b93b Update examples/README.md
  • dc577e2 Merge pull request #1724 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.30.0
  • 3a2b426 Bump github.com/newrelic/go-agent/v3 from 3.29.1 to 3.30.0
  • f7554a0 Merge pull request #1725 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.6.0
  • 685e107 Merge pull request #1726 from smallstep/dependabot/go_modules/google.golang.org/api-0.165.0
  • 0a074cb Spelling errors and punctuation have been corrected
  • 8e1f538 Bump google.golang.org/api from 0.160.0 to 0.165.0
  • e6491ca Merge pull request #1727 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.43.1
  • 507f4d0 Bump go.step.sm/crypto from 0.43.0 to 0.43.1
  • 2ffc908 Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.5.0 to 0.6.0
  • bb296c9 Merge pull request #1708 from smallstep/herman/csr-expires-header
  • bd99db0 Merge pull request #1685 from venkyg-sec/allow_custom_tls_config
  • 503e504 Merge branch 'master' into allow_custom_tls_config
  • beea482 Fix linter errors in ca/ca.go
  • 073fcb7 Merge pull request #1684 from venkyg-sec/allow_external_x509_ca_service_intf
  • ac773ff Merge branch 'master' into allow_external_x509_ca_service_intf
  • 9fcdd3f Fix format warnings on ca/ca.go
  • 3dbb4aa Change CRL unavailable case to HTTP 404
  • 5d865b2 Merge pull request #1715 from rvichery/aws-ca-west-1-iid-certificate
  • ee44ac1 fixup! Add AWS ca-west-1 identity document certificate
  • 490d065 Merge pull request #1713 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.6.0
  • 283d46d Add AWS ca-west-1 identity document certificate
  • a3bed40 Bump github.com/hashicorp/vault/api/auth/approle from 0.5.0 to 0.6.0
  • d174e78 Merge pull request #1712 from smallstep/dependabot/go_modules/golang.org/x/net-0.21.0
  • 5f91441 Merge pull request #1711 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.5.5
  • a32dade Bump golang.org/x/net from 0.20.0 to 0.21.0
  • b9db4e3 Bump cloud.google.com/go/longrunning from 0.5.4 to 0.5.5
  • c76dad8 Improve tests for CRL HTTP handler
  • 69f5f8d Use stretchr/testify instead of smallstep/assert for tests
  • d1deb7f Add Expires header to CRL response
  • 6724692 Merge pull request #1706 from smallstep/dependabot/go_modules/github.com/prometheus/client_golang-1.18.0
  • 6d29e8a Merge pull request #1704 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.43.0
  • 05ccf84 Merge pull request #1705 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.15.5
  • 78522c7 Bump github.com/prometheus/client_golang from 1.15.1 to 1.18.0
  • 053d05b Bump cloud.google.com/go/security from 1.15.4 to 1.15.5
  • 5209393 Bump go.step.sm/crypto from 0.42.1 to 0.43.0
  • 59ea731 Merge pull request #1693 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.11.0
  • 78d889a Bump github.com/hashicorp/vault/api from 1.10.0 to 1.11.0
  • 2fcb33b Merge pull request #1695 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.29.1
  • fe926e9 Merge pull request #1694 from smallstep/dependabot/go_modules/github.com/google/uuid-1.6.0
  • 8123d6a Merge pull request #1692 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.42.1
  • d9cf8aa Bump github.com/newrelic/go-agent/v3 from 3.29.0 to 3.29.1
  • eeaabbc Bump github.com/google/uuid from 1.5.0 to 1.6.0
  • 1122090 Bump go.step.sm/crypto from 0.42.0 to 0.42.1
  • 356e707 Allow usage of externally supplied TLS config
  • fbc1e89 Allow x509 Service CA implementation to be injected through ca and authority options
  • 4ef093d Fix broken tests relying on Sign in mocks
  • 9e3807e Use SignWithContext in the critical paths
  • 4e06bdb Add SignWithContext method to authority and mocks
  • b2301ea Remove the webhook Do method
  • f3229d3 Propagate (original) request ID to webhook requests

Thanks!

Those were the changes on v0.25.3-rc6!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peak at the freshest PKI memes.

Assets 140