Welcome to this new release!
Signatures
step uses sigstore/cosign for signing and verifying release artifacts.
Here is an example of how to use cosign to verify a release artifact:
cosign verify-blob \
-key https://raw.githubusercontent.com/smallstep/cli/master/cosign.pub \
-signature ~/Downloads/step_darwin_0.17.2_amd64.tar.gz.sig
~/Downloads/step_darwin_0.17.2_amd64.tar.gz
Changelog
2f6e74a [action] header footer
1fcd29e Merge pull request #545 from smallstep/max/dns
260ded5 remove debug statement
e1ffc90 Change dns to string slice in ca init but backwards compatible csv
4af6e1b Merge pull request #544 from smallstep/max/token-ca-pass
6563e7c changelog update
787d5fa Extract common provisioner password code into function
40a8bfa Default to provisioner-password-file for token generation ...
ea26436 Thread CA password decryption into offline CA bootstrap
f7c25aa Add comment for Rekey method in offline client
a106b79 changelog update
88f1894 Merge pull request #543 from smallstep/max/ret
4eb80fa needs-renewal: return 2 if file does not exist and ...
c98cc6f Merge pull request #542 from Slamdunk/patch-2
1d299f3 CHANGELOG: use ISO-8601 dates
Thanks!
Those were the changes on v0.17.3-rc24!
Come join us on Discord to ask questions,
chat about PKI, or get a sneak peak at the freshest PKI memes.