ProxmoxVE

nexus/ProxmoxVE

Fork 0

mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-05-03 23:45:59 +00:00

Commit Graph

Author	SHA1	Message	Date
Joerg Heinemann	cf391086e5	Step ca update (#14058 ) * Patch for step-ca.sh Patch for making $STD happy (/usr/bin/step is a symlink to /usr/bin/step-cli) * Refactor step-ca installation script Refactor step-ca installation script to improve configuration and template handling. - Carve out step-ca-admin.sh - Patch for making $STD happy (/usr/bin/step is a symlink to /usr/bin/step-cli) - Define enhanced x509 CA and Certificate Templates - Configure CA Provisioners, DB and CRL settings - Generate Root CA Certificate and Key - Validity: 219168h (~25 Years) - maxPathLen: 1 (Root -> Intermediate -> Leaf) => Only one Intermediate CA allowed below Root CA - Active revocation on Intermediate CA and Leaf Certificates by the usage of build-in Certificate Revocation List (CRL) - Generate Intermediate CA Certificate Bundle and Key - Validity: 175368h (~20 Years) - maxPathLen: 0 (Root -> Intermediate -> Leaf) => Intermediate CA is only allowed to issue Leaf Certificates - Active revocation on Leaf Certificates by the usage of build-in Certificate Revocation List (CRL) - Bundle: Certificate Chain (including Root CA Certificate) * Update source URL in step-ca.sh script	2026-05-01 23:07:30 +02:00
push-app-to-main[bot]	8b3966cd31	Add step-ca (ct) (#13775 ) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>	2026-04-17 15:40:58 +02:00

Author

SHA1

Message

Date

Joerg Heinemann

cf391086e5

Step ca update (#14058 )

* Patch for step-ca.sh

Patch for making $STD happy (/usr/bin/step is a symlink to /usr/bin/step-cli)

* Refactor step-ca installation script

Refactor step-ca installation script to improve configuration and template handling.

- Carve out step-ca-admin.sh
- Patch for making $STD happy (/usr/bin/step is a symlink to /usr/bin/step-cli)
- Define enhanced x509 CA and Certificate Templates
- Configure CA Provisioners, DB and CRL settings
- Generate Root CA Certificate and Key
   - Validity: 219168h (~25 Years)
   - maxPathLen: 1 (Root -> Intermediate -> Leaf) => Only one Intermediate CA allowed below Root CA
   - Active revocation on Intermediate CA and Leaf Certificates by the usage of build-in Certificate Revocation List (CRL)
- Generate Intermediate CA Certificate Bundle and Key
   - Validity: 175368h (~20 Years)
   - maxPathLen: 0 (Root -> Intermediate -> Leaf) => Intermediate CA is only allowed to issue Leaf Certificates
   - Active revocation on Leaf Certificates by the usage of build-in Certificate Revocation List (CRL)
   - Bundle: Certificate Chain (including Root CA Certificate)

* Update source URL in step-ca.sh script

2026-05-01 23:07:30 +02:00

push-app-to-main[bot]

8b3966cd31

Add step-ca (ct) (#13775 )

Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>

2026-04-17 15:40:58 +02:00

2 Commits