Step CLI v0.28.0 (24-10-30)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.0_amd64.tar.gz
• 📦 step_linux_0.28.0_arm64.tar.gz
• 📦 step_linux_0.28.0_armv7.tar.gz
• 📦 step-cli_0.28.0-1_amd64.deb
• 📦 step-cli-0.28.0-1.x86_64.rpm
• 📦 step-cli_0.28.0-1_arm64.deb
• 📦 step-cli-0.28.0-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.0_amd64.tar.gz
• 📦 step_darwin_0.28.0_arm64.tar.gz

Windows

• 📦 step_windows_0.28.0_amd64.zip
• 📦 step_windows_0.28.0_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.0_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.0_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.0_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 874a879 Bump certificates to 0.28.0 (#1307)
• 5415196 Update changelog for v0.28.0 (#1306)
• e3a16d4 Remove --bundle from step ca certificate usage text (#1302)
• b226259 Merge pull request #1301 from smallstep/herman/fix-step-context-cli-utils
• ebeca4f Add disableSSHCAUser and disableSSHCAHost attributes to GCP provisioner (#1305)
• 4dfc345 Merge pull request #1304 from smallstep/dependabot/github_actions/actions/checkout-4.2.2
• 924009d Merge pull request #1303 from smallstep/dependabot/github_actions/actions/setup-go-5.1.0
• 4cba2d4 Bump actions/checkout from 4.2.1 to 4.2.2
• eaff111 Bump actions/setup-go from 5.0.2 to 5.1.0
• 8bd4d48 Fix --context being ignored in commands that rely on certificates
• f619bce Merge pull request #1300 from stefaanderoeck/stefaan/android-v0.20.0
• 51bf14b OpenInBrowser on Android as well

Thanks!

Those were the changes on v0.28.0!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.27.5 (24-10-17)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.27.5_amd64.tar.gz
• 📦 step_linux_0.27.5_arm64.tar.gz
• 📦 step_linux_0.27.5_armv7.tar.gz
• 📦 step-cli_0.27.5-1_amd64.deb
• 📦 step-cli-0.27.5-1.x86_64.rpm
• 📦 step-cli_0.27.5-1_arm64.deb
• 📦 step-cli-0.27.5-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.27.5_amd64.tar.gz
• 📦 step_darwin_0.27.5_arm64.tar.gz

Windows

• 📦 step_windows_0.27.5_amd64.zip
• 📦 step_windows_0.27.5_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.27.5_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.27.5_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.27.5_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• b436480 Bump certificates to 0.27.5 (#1299)
• 3b5bc1a Update changelog for 0.27.5 (#1298)
• e2ff4af Merge pull request #1297 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.16
• 1380634 Bump github.com/urfave/cli from 1.22.15 to 1.22.16
• 87bcf1a Merge pull request #1296 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.54.0
• b4d19af Bump go.step.sm/crypto from 0.53.0 to 0.54.0
• 3d38cfe Merge pull request #1292 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.35.1
• ea6c385 Bump google.golang.org/protobuf from 1.34.2 to 1.35.1
• bb7bdfe Merge pull request #1293 from smallstep/dependabot/github_actions/actions/checkout-4.2.1
• 5accd75 Merge pull request #1290 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.28.0
• b2e9c34 Bump actions/checkout from 4.2.0 to 4.2.1
• a54eb69 Bump golang.org/x/crypto from 0.27.0 to 0.28.0
• e19cb50 Merge pull request #1287 from smallstep/herman/remove-scope-flag
• 9cbb404 Add --remove-scope flag
• d8ddcb6 Merge pull request #1285 from smallstep/dependabot/github_actions/actions/checkout-4.2.0
• b8de57f Merge pull request #1286 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.53.0
• 4aef7d0 Bump go.step.sm/crypto from 0.51.2 to 0.53.0
• dd2c416 Bump actions/checkout from 4.1.7 to 4.2.0
• e3c3f20 Merge pull request #1273 from smallstep/herman/use-renamed-cli-utils-module
• 24f94b0 Add basic tests for CLI app initialization and execution
• 177f391 Use github.com/smallstep/cli-utils in CLI main
• de85fd0 Use github.com/smallstep/cli-utils and reorder imports
• bec3072 Merge pull request #1284 from smallstep/herman/768kb-docker-fix
• 6d6af3a Add missing backslash
• c7fbf85 Do same commands as alpine Dockerfile
• cd6758c Merge pull request #1279 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.52.0
• 36e355b Merge pull request #1278 from smallstep/dependabot/go_modules/github.com/slackhq/nebula-1.9.4
• f089b5e Bump go.step.sm/crypto from 0.51.2 to 0.52.0
• bf61efc Bump github.com/slackhq/nebula from 1.9.3 to 1.9.4
• 88d6a6f Merge pull request #1277 from smallstep/jdoss/Filter_armhf6_deb
• 053f042 Add if statement to skip uploading armhf6 deb due to GCP AR issues.

Thanks!

Those were the changes on v0.27.5!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.27.4 (24-09-13)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.27.4_amd64.tar.gz
• 📦 step_linux_0.27.4_arm64.tar.gz
• 📦 step_linux_0.27.4_armv7.tar.gz
• 📦 step-cli_0.27.4-1_amd64.deb
• 📦 step-cli-0.27.4-1.x86_64.rpm
• 📦 step-cli_0.27.4-1_arm64.deb
• 📦 step-cli-0.27.4-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.27.4_amd64.tar.gz
• 📦 step_darwin_0.27.4_arm64.tar.gz

Windows

• 📦 step_windows_0.27.4_amd64.zip
• 📦 step_windows_0.27.4_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.27.4_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.27.4_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.27.4_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• acb623a Bump smallstep/certificates to 0.27.4 (#1276)
• 111bcb9 Bumping CHANGELOG to 0.27.4 (#1275)
• 897b9de Update changelog for 0.27.3 (#1272)
• ded1861 Allow input from stdin for 'certificate fingerprint' command (#1270)
• 33edf23 Merge pull request #1269 from smallstep/dependabot/go_modules/go.mozilla.org/pkcs7-0.9.0
• c5c31ea Merge pull request #1268 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.27.0
• 90241e5 Bump go.mozilla.org/pkcs7
• f5d9998 Bump golang.org/x/crypto from 0.26.0 to 0.27.0
• a1fa442 Merge pull request #1264 from smallstep/dependabot/go_modules/software.sslmate.com/src/go-pkcs12-0.5.0
• 4dc4f3d Merge pull request #1265 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.51.2
• 936fb7b Bump go.step.sm/crypto from 0.51.1 to 0.51.2
• 203d34e Bump software.sslmate.com/src/go-pkcs12 from 0.4.0 to 0.5.0
• 036917a Merge pull request #1262 from magnuswatn/parse_crl_entry_extensions
• 88765a7 Parse crlEntryExtensions in CRLs
• d4fc1e9 Merge pull request #1202 from smallstep/dependabot/go_modules/github.com/google/go-tpm-0.9.1
• f14730a Bump github.com/google/go-tpm from 0.9.0 to 0.9.1
• 5df4a21 Merge pull request #1190 from smallstep/dependabot/go_modules/github.com/slackhq/nebula-1.9.3
• a6a4214 Fix linter issues
• 1e8f43b Run go mod tidy
• f89eeab Bump github.com/slackhq/nebula from 1.8.2 to 1.9.3
• 01b22f4 Fix Release URLs with new file name formats. (#1256)
• 8880c6c Merge pull request #1257 from smallstep/carl/powershell-vt100
• d591655 Guard legacy Windows vt100 setup syscall on more recent builds of Windows
• 0671a3d Merge pull request #1254 from smallstep/jdoss/Prerelease_fixes
• 6e72a38 Switch to goreleaser.yml@main.

Thanks!

Those were the changes on v0.27.4!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.27.3-rc25 (24-08-15)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.27.3-rc25_amd64.tar.gz
• 📦 step_linux_0.27.3-rc25_arm64.tar.gz
• 📦 step_linux_0.27.3-rc25_armv7.tar.gz
• 📦 step-cli_0.27.3.rc25-1_amd64.deb
• 📦 step-cli-0.27.3.rc25-1.x86_64.rpm
• 📦 step-cli_0.27.3.rc25-1_arm64.deb
• 📦 step-cli-0.27.3.rc25-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.27.3-rc25_amd64.tar.gz
• 📦 step_darwin_0.27.3-rc25_arm64.tar.gz

Windows

• 📦 step_windows_0.27.3-rc25_amd64.zip
• 📦 step_windows_0.27.3-rc25_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.27.3-rc25_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.27.3-rc25_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.27.3-rc25_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• b7500df Disable CI again.
• 662aa21 Update .goreleaser.yml
• 1d11fc3 Update .goreleaser.yml
• 42a92b1 Reenable CI.

Thanks!

Those were the changes on v0.27.3-rc25!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Release v0.27.3-rc24

Disable CI again.

Release v0.27.3-rc23

Temp disable CI.

Step CLI v0.27.3-rc21 (24-08-13)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.27.3-rc21_amd64.tar.gz
• 📦 step_linux_0.27.3-rc21_arm64.tar.gz
• 📦 step_linux_0.27.3-rc21_armv7.tar.gz
• 📦 step-cli_0.27.3-rc21_amd64.deb
• 📦 step-cli_0.27.3-rc21_amd64.rpm
• 📦 step-cli_0.27.3-rc21_arm64.deb
• 📦 step-cli_0.27.3-rc21_arm64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.27.3-rc21_amd64.tar.gz
• 📦 step_darwin_0.27.3-rc21_arm64.tar.gz

Windows

• 📦 step_windows_0.27.3-rc21_amd64.zip
• 📦 step_windows_0.27.3-rc21_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.27.3-rc21_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.27.3-rc21_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.27.3-rc21_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• c87aa50 Set NFPM id and remove GORELEASER_PHASE.

Thanks!

Those were the changes on v0.27.3-rc21!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.27.3-rc20 (24-08-13)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.27.3-rc20_amd64.tar.gz
• 📦 step_linux_0.27.3-rc20_arm64.tar.gz
• 📦 step_linux_0.27.3-rc20_armv7.tar.gz
• 📦 step-cli_0.27.3-rc20_amd64.deb
• 📦 step-cli_0.27.3-rc20_amd64.rpm
• 📦 step-cli_0.27.3-rc20_arm64.deb
• 📦 step-cli_0.27.3-rc20_arm64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.27.3-rc20_amd64.tar.gz
• 📦 step_darwin_0.27.3-rc20_arm64.tar.gz

Windows

• 📦 step_windows_0.27.3-rc20_amd64.zip
• 📦 step_windows_0.27.3-rc20_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.27.3-rc20_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.27.3-rc20_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.27.3-rc20_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• bcf8f8b Adjust template.
• d51d201 Unquote the things.

Thanks!

Those were the changes on v0.27.3-rc20!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Release v0.27.3-rc19

Add quotes.

Release v0.27.3-rc18

Switch to is-prerelease.