Official Release Artifacts

Linux

• 📦 step-ca_linux_0.28.4_amd64.tar.gz
• 📦 step-ca_0.28.4-1_amd64.deb
• 📦 step-ca-0.28.4-1.x86_64.rpm
• 📦 step-ca_0.28.4-1_arm64.deb
• 📦 step-ca-0.28.4-1.aarch64.rpm

OSX Darwin

• 📦 step-ca_darwin_0.28.4_amd64.tar.gz
• 📦 step-ca_darwin_0.28.4_arm64.tar.gz

Windows

• 📦 step-ca_windows_0.28.4_amd64.zip

For more builds across platforms and architectures, see the Assets section below.
And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.28.4_amd64.tar.gz.pem \
  --signature step-ca_darwin_0.28.4_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.28.4_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

• 2c61c44 Update changelog (#2332)
• c86cf07 Merge pull request #2331 from smallstep/mariano/fix-tests
• 831d005 Fix gcp unit tests
• bc09e46 Merge pull request #2133 from ericnorris/feat-gcp-enable-organization-checking
• 0d9f051 Merge branch 'master' into feat-gcp-enable-organization-checking
• 197d0d3 Changelog updates (#2330)
• 2932225 Merge pull request #2329 from smallstep/dependabot/go_modules/google.golang.org/api-0.240.0
• b1dd5a6 Bump google.golang.org/api from 0.239.0 to 0.240.0
• 8b9bd89 refactor: make projectIDs authoritative
• a3db8de feat(gcp): enable organization checking

Thanks!

Those were the changes on v0.28.4!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.