diff --git a/.github/mdl.config.json b/.github/mdl.config.json index 6bf862ba..82c1ab2b 100644 --- a/.github/mdl.config.json +++ b/.github/mdl.config.json @@ -33,6 +33,9 @@ { "pattern": "^https://admin.google.com" }, + { + "pattern": "^https://trustedcomputinggroup.org" + }, { "pattern": "^https://azure.microsoft.com" }, @@ -43,7 +46,7 @@ "pattern": "^https://.*freedesktop.org" }, { - "pattern": "^https://www.hashicorp.com" + "pattern": "^https://.*.hashicorp.com" }, { "pattern": "^https://github.com/Neilpang/acme.sh/issues/2422" @@ -51,6 +54,9 @@ { "pattern": "^https://arubanetworking.hpe.com" }, + { + "pattern": "^mailto:.*" + }, { "pattern": "^https://www.w3.org" } diff --git a/step-ca/registration-authority-ra-mode.mdx b/step-ca/registration-authority-ra-mode.mdx index 1fe5a38e..f2f78a23 100644 --- a/step-ca/registration-authority-ra-mode.mdx +++ b/step-ca/registration-authority-ra-mode.mdx @@ -331,7 +331,7 @@ you'll need to set up your Google Cloud project using the `gcloud` CLI: ## Hashicorp Vault RA mode The RA mode in `step-ca` can peer with Vault's PKI secrets engine, using it as an upstream CA. -From the [Vault Documentation](https://www.vaultproject.io/docs/secrets/pki): +From the [Vault Documentation](https://developer.hashicorp.com/vault/docs/secrets/pki): > "The PKI secrets engine generates dynamic X.509 certificates. With this secrets engine, services can get certificates without going through the usual manual process of generating a private key and CSR, submitting to a CA, and waiting for a verification and signing process to complete." @@ -343,7 +343,7 @@ Then we'll configure `step-ca`'s RA mode to use Vault to sign certificates. ### Requirements * [`step-ca`](https://smallstep.com/docs/step-ca/installation) -* A [Hashicorp Vault](https://learn.hashicorp.com/tutorials/vault/getting-started-deploy) server +* A [Hashicorp Vault](https://developer.hashicorp.com/vault/install) server * The [`jq`](https://jqlang.github.io/jq/) tool to parse JSON output ### Creating a Vault PKI @@ -354,7 +354,7 @@ For a proof of concept, you can run `vault server -dev` in a terminal window to In production, you'll need to run Vault as a daemon and use HTTPS. Vault supports both server TLS verification, and mutual TLS authentication. -See Vault's [Environment Variables](https://www.vaultproject.io/docs/commands#environment-variables) documentation for more. +See Vault's [Environment Variables](https://developer.hashicorp.com/vault/docs/commands#configure-environment-variables) documentation for more. If you're running Vault in dev mode, set `VAULT_ADDR`: @@ -479,7 +479,7 @@ vault policy write smallstep policy.hcl In this example, Vault will sign certificates of all three key types for the RA server: EC, RSA, and Ed25519. EC must always be enabled, because it's required for `step-ca`'s internal TLS certificate. However, if your PKI will not use RSA or Ed25519, please restrict your Vault policy to the key types you will use. -Vault's [Policy documentation](https://www.vaultproject.io/docs/concepts/policies) describes the policy langauge used by Vault. +Vault's [Policy documentation](https://developer.hashicorp.com/vault/docs/concepts/policies) describes the policy langauge used by Vault. #### 4. Enable Vault authentication for your RA. diff --git a/tutorials/ssh-certificate-login.mdx b/tutorials/ssh-certificate-login.mdx index c37f3a22..9b849145 100644 --- a/tutorials/ssh-certificate-login.mdx +++ b/tutorials/ssh-certificate-login.mdx @@ -25,7 +25,7 @@ OpenSSH and SSHD have supported SSH certificate login for almost ten years. In t - **Open Source -** This tutorial assumes you have initialized and started up a `step-ca`instance using the steps in [Getting Started](../step-ca/getting-started.mdx). - **[Smallstep Certificate Manager](https://smallstep.com/certificate-manager) -** Please contact [Smallstep Customer Success](mailto:support@smallstep.com) if you would like to activate SSH certificates on your Certificate Manager account. -- [Vagrant](https://www.vagrantup.com/docs/installation) +- [Vagrant](https://developer.hashicorp.com/vagrant/docs/installation) ## Overview