CommonNamesCommand returns the common names policy subcommand.
(ctx context.Context)
| 17 | |
| 18 | // CommonNamesCommand returns the common names policy subcommand. |
| 19 | func CommonNamesCommand(ctx context.Context) cli.Command { |
| 20 | commandName := policycontext.GetPrefixedCommandUsage(ctx, "cn") |
| 21 | return cli.Command{ |
| 22 | Name: "cn", |
| 23 | Usage: "add or remove common names", |
| 24 | UsageText: fmt.Sprintf(`**%s** <name> [**--remove**] |
| 25 | [**--provisioner**=<name>] [**--eab-key-id**=<eab-key-id>] [**--eab-key-reference**=<eab-key-reference>] |
| 26 | [**--admin-cert**=<file>] [**--admin-key**=<file>] [**--admin-subject**=<subject>] |
| 27 | [**--admin-provisioner**=<name>] [**--admin-password-file**=<file>] |
| 28 | [**--ca-url**=<uri>] [**--root**=<file>] [**--context**=<name>]`, commandName), |
| 29 | Description: fmt.Sprintf(`**%s** command manages common names in policies |
| 30 | |
| 31 | ## EXAMPLES |
| 32 | |
| 33 | Allow "My CA Name" as Common Name in X.509 certificates on authority level |
| 34 | ''' |
| 35 | $ step ca policy authority x509 allow cn "My CA Name" |
| 36 | ''' |
| 37 | |
| 38 | Allow www.example.com as Common Name in X.509 certificates on authority level. |
| 39 | This can be used in case www.example.com is not allowed as a DNS SAN, but is |
| 40 | allowed to be used in the Common Name. |
| 41 | ''' |
| 42 | $ step ca policy authority x509 allow cn www.example.com |
| 43 | ''' |
| 44 | |
| 45 | Remove www.example.com from allowed Common Names in X.509 certificates on authority level. |
| 46 | ''' |
| 47 | $ step ca policy authority x509 allow cn www.example.com --remove |
| 48 | ''' |
| 49 | |
| 50 | Deny "My Bad CA Name" as Common Name in X.509 certificates on authority level |
| 51 | ''' |
| 52 | $ step ca policy authority x509 deny cn "My Bad CA Name" |
| 53 | '''`, commandName), |
| 54 | Action: command.InjectContext( |
| 55 | ctx, |
| 56 | commonNamesAction, |
| 57 | ), |
| 58 | Flags: []cli.Flag{ |
| 59 | flags.Provisioner, |
| 60 | flags.EABKeyID, |
| 61 | flags.EABReference, |
| 62 | cli.BoolFlag{ |
| 63 | Name: "remove", |
| 64 | Usage: `removes the provided Common Names from the policy instead of adding them`, |
| 65 | }, |
| 66 | flags.AdminCert, |
| 67 | flags.AdminKey, |
| 68 | flags.AdminSubject, |
| 69 | flags.AdminProvisioner, |
| 70 | flags.AdminPasswordFile, |
| 71 | flags.CaURL, |
| 72 | flags.Root, |
| 73 | flags.Context, |
| 74 | }, |
| 75 | } |
| 76 | } |
no test coverage detected
searching dependent graphs…