Official Release Artifacts
For more builds across platforms and architectures see the
Assets section below.
Don't see the artifact you need? Open an issue here.
Signatures and Checksums
step uses sigstore/cosign for signing and verifying release artifacts.
Below is an example using
cosign to verify a release artifact:
cosign verify-blob \ -key https://raw.githubusercontent.com/smallstep/cli/master/cosign.pub \ -signature ~/Downloads/step_darwin_0.17.3-rc30_amd64.tar.gz.sig ~/Downloads/step_darwin_0.17.3-rc30_amd64.tar.gz
checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.
ae989da [action] another forgotten close brace
Those were the changes on v0.17.3-rc30!
Come join us on Discord to ask questions, chat about PKI, or get a sneak peak at the freshest PKI memes.