Skip to content

Commit

Permalink
Merge pull request #350 from smallstep/carl/fixes-309
Browse files Browse the repository at this point in the history 
Fixes #349
  • Loading branch information
@tashian
tashian authored Sep 25, 2024
2 parents 00bdcfe + 588dfd5 commit f5b53a2
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 3 deletions.
5 changes: 3 additions & 2 deletions step-ca/templates.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ Here are some common variables available in X.509 certificate templates:
For provisioners that use certificates to authorize requests (eg. the X5C provisioner),
this is the certificate used to authorize the current certificate request with the CA.
The client has proven posession of this certificate's private key.
The `.AuthorizationCrt` will have the following properties (a.o.): `Subject`, `Subject.CommonName`, `SerialNumber`, `DNSNames`, `EmailAddresses`, `IPAddresses`, `URIs`, `SANs` and `Extensions` (See [the Certificate struct shown here](https://github.com/smallstep/crypto/blob/master/x509util/certificate.go#L16)).
For an X.509 authorization certificate, the `.AuthorizationCrt` is a [`crypto/x509` Certificate](https://pkg.go.dev/crypto/x509#Certificate).

- **.AuthorizationChain**:
For provisioners that use certificates to authorize requests (eg. the X5C provisioner),
Expand All @@ -116,7 +116,8 @@ Here are some common variables available in X.509 certificate templates:

- **.Insecure.CR**<Reference id="star11" marker="*" />: ☠️
This holds the Certificate Request (CSR) received from the client.
How step-ca treats these values depends on the provisioner.
`.Insecure.CR` is a [`crypto/x509` CertificateRequest](https://pkg.go.dev/crypto/x509#CertificateRequest).
How `step-ca` handles a Certificate Request depends on the provisioner.
While a CSR is always passed to step-ca (often alongside a signed token),
in most cases _only the public key value in the CSR is used by step-ca_.
These properties are marked _insecure_ because CSRs are not explicitly authenticated by step-ca.
Expand Down
2 changes: 1 addition & 1 deletion tutorials/intune-mdm-setup-guide.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ Once you've completed this tutorial, your Intune certificate enrollment process

You will need:
- A [Smallstep team](https://smallstep.com/signup)
- A [Microsoft Azure / Entra ID](https://azure.microsoft.com/en-us/free/) Tenant
- A [Microsoft Azure / Entra ID](https://azure.microsoft.com/en-us/pricing/purchase-options/azure-account?icid=azurefreeaccount) Tenant
- A [Microsoft Intune](https://www.microsoft.com/en-us/security/business/microsoft-intune) Tenant
- A test device to enroll for management by Intune
- This can be a Windows VM, but you may need a physical device or additional Wi-Fi adapter for testing an Enterprise Wi-Fi connection
Expand Down

0 comments on commit f5b53a2

Please sign in to comment.