Step CLI v0.28.7 (25-07-14)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.7_amd64.tar.gz
• 📦 step_linux_0.28.7_arm64.tar.gz
• 📦 step_linux_0.28.7_armv7.tar.gz
• 📦 step-cli_0.28.7-1_amd64.deb
• 📦 step-cli-0.28.7-1.x86_64.rpm
• 📦 step-cli_0.28.7-1_arm64.deb
• 📦 step-cli-0.28.7-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.7_amd64.tar.gz
• 📦 step_darwin_0.28.7_arm64.tar.gz

Windows

• 📦 step_windows_0.28.7_amd64.zip
• 📦 step_windows_0.28.7_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.7_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.7_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.7_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 6bc838d Bump to [email protected] (#1454)
• 939805a Fix broken test (#1452)
• 3e9adc2 Changelog updates (#1448)
• 60a4eef Fix linter warnings (#1450)
• cb9a523 Merge pull request #1451 from smallstep/carl/readme
• 7725db9 Small tweaks to README
• 632b477 Merge pull request #1447 from smallstep/mariano/plugin
• 12ad189 Fix step-kms-plugin name
• de23b94 Apply suggestions from code review
• e18fcdc Add a plugins section to the README
• b578783 Merge pull request #1446 from smallstep/herman/fix-testscript-runmain-deprecation
• 6a18dda Fix deprecation of testscript.RunMain
• fdc34f4 Merge pull request #1445 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.67.0
• d9ae211 Bump go.step.sm/crypto from 0.66.0 to 0.67.0
• f7dac16 Bump github.com/rogpeppe/go-internal from 1.13.1 to 1.14.1
• ec725b7 Merge pull request #1442 from smallstep/dependabot/go_modules/github.com/go-chi/chi/v5-5.2.2
• b99c3df Bump github.com/go-chi/chi/v5 from 5.2.1 to 5.2.2
• c791bbf Merge pull request #1426 from smallstep/herman/testscript
• 279e638 Allow changing the app name at compile time through AppName
• 1932842 Add check_certificate and check_jwk_without_password
• 9cce28a Merge pull request #1440 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.17
• c030605 Bump github.com/urfave/cli from 1.22.16 to 1.22.17
• 5e20728 Merge pull request #1439 from smallstep/dependabot/github_actions/softprops/action-gh-release-2.3.2
• 7fb48a6 Bump softprops/action-gh-release from 2.2.2 to 2.3.2
• 2944159 Refactor step crypto jwk create commands into using testscript
• 1a494ce Refactor step crypto jwt sign and step crypto jwt verify tests
• 298ff27 Refactor step crypto otp tests into using testscript
• f641332 Use --password-file to provide password to step crypto keypair
• 1fc663b Refactor step crypto keypair tests to use testscript
• 825b161 Replace several old integration style tests with testscript tests
• f338d80 Refactor CLI to make it testable using testscript
• a4a846a Merge pull request #1436 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.39.0
• f8c1eaf Ignore insecure ssh.KeyAlgoDSA usages using nolint
• edca39f Bump golang.org/x/crypto from 0.38.0 to 0.39.0

Thanks!

Those were the changes on v0.28.7!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.7-rc9 (25-07-13)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.7-rc9_amd64.tar.gz
• 📦 step_linux_0.28.7-rc9_arm64.tar.gz
• 📦 step_linux_0.28.7-rc9_armv7.tar.gz
• 📦 step-cli_0.28.7.rc9-1_amd64.deb
• 📦 step-cli-0.28.7.rc9-1.x86_64.rpm
• 📦 step-cli_0.28.7.rc9-1_arm64.deb
• 📦 step-cli-0.28.7.rc9-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.7-rc9_amd64.tar.gz
• 📦 step_darwin_0.28.7-rc9_arm64.tar.gz

Windows

• 📦 step_windows_0.28.7-rc9_amd64.zip
• 📦 step_windows_0.28.7-rc9_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.7-rc9_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.7-rc9_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.7-rc9_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 454b853 Pin goreleaser to 2.10.2

Thanks!

Those were the changes on v0.28.7-rc9!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Release v0.28.7-rc8

Revert goreleaser action back to main

Step CLI v0.28.7-rc7 (25-07-13)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.7-rc7_amd64.tar.gz
• 📦 step_linux_0.28.7-rc7_arm64.tar.gz
• 📦 step_linux_0.28.7-rc7_armv7.tar.gz
• 📦 step-cli_0.28.7.rc7-1_amd64.deb
• 📦 step-cli-0.28.7.rc7-1.x86_64.rpm
• 📦 step-cli_0.28.7.rc7-1_arm64.deb
• 📦 step-cli-0.28.7.rc7-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.7-rc7_amd64.tar.gz
• 📦 step_darwin_0.28.7-rc7_arm64.tar.gz

Windows

• 📦 step_windows_0.28.7-rc7_amd64.zip
• 📦 step_windows_0.28.7-rc7_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.7-rc7_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.7-rc7_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.7-rc7_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• bc148d4 Try using pinned version of goreleaser

Thanks!

Those were the changes on v0.28.7-rc7!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.7-rc11 (25-07-13)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.7-rc11_amd64.tar.gz
• 📦 step_linux_0.28.7-rc11_arm64.tar.gz
• 📦 step_linux_0.28.7-rc11_armv7.tar.gz
• 📦 step-cli_0.28.7.rc11-1_amd64.deb
• 📦 step-cli-0.28.7.rc11-1.x86_64.rpm
• 📦 step-cli_0.28.7.rc11-1_arm64.deb
• 📦 step-cli-0.28.7.rc11-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.7-rc11_amd64.tar.gz
• 📦 step_darwin_0.28.7-rc11_arm64.tar.gz

Windows

• 📦 step_windows_0.28.7-rc11_amd64.zip
• 📦 step_windows_0.28.7-rc11_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.7-rc11_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.7-rc11_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.7-rc11_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 02a388d Revert acl change

Thanks!

Those were the changes on v0.28.7-rc11!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.7-rc10 (25-07-13)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.7-rc10_amd64.tar.gz
• 📦 step_linux_0.28.7-rc10_arm64.tar.gz
• 📦 step_linux_0.28.7-rc10_armv7.tar.gz
• 📦 step-cli_0.28.7.rc10-1_amd64.deb
• 📦 step-cli-0.28.7.rc10-1.x86_64.rpm
• 📦 step-cli_0.28.7.rc10-1_arm64.deb
• 📦 step-cli-0.28.7.rc10-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.7-rc10_amd64.tar.gz
• 📦 step_darwin_0.28.7-rc10_arm64.tar.gz

Windows

• 📦 step_windows_0.28.7-rc10_amd64.zip
• 📦 step_windows_0.28.7-rc10_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.7-rc10_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.7-rc10_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.7-rc10_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 45f771b Revert to main goreleaser action again, leave out acl attribute

Thanks!

Those were the changes on v0.28.7-rc10!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Release v0.28.7-rc6

empty commit

Release v0.28.7-rc5

empty commit

Step CLI v0.28.7-rc3 (25-06-05)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.7-rc3_amd64.tar.gz
• 📦 step_linux_0.28.7-rc3_arm64.tar.gz
• 📦 step_linux_0.28.7-rc3_armv7.tar.gz
• 📦 step-cli_0.28.7.rc3-1_amd64.deb
• 📦 step-cli-0.28.7.rc3-1.x86_64.rpm
• 📦 step-cli_0.28.7.rc3-1_arm64.deb
• 📦 step-cli-0.28.7.rc3-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.7-rc3_amd64.tar.gz
• 📦 step_darwin_0.28.7-rc3_arm64.tar.gz

Windows

• 📦 step_windows_0.28.7-rc3_amd64.zip
• 📦 step_windows_0.28.7-rc3_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.7-rc3_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.7-rc3_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.7-rc3_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• f90649e Merge pull request #1434 from smallstep/herman/fix-windows-ssh-config-path
• d414692 Ensure HOMEDRIVE is used when locating SSH config file location
• 7d7a8ed Merge pull request #1425 from smallstep/dependabot/go_modules/github.com/pquerna/otp-1.5.0
• 271f010 Bump github.com/pquerna/otp from 1.4.0 to 1.5.0
• 2a11114 Merge pull request #1431 from smallstep/mariano/csr-templates
• 931ba5f Update go.step.sm/crypto with template improvements

Thanks!

Those were the changes on v0.28.7-rc3!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.7-rc2 (25-05-29)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.7-rc2_amd64.tar.gz
• 📦 step_linux_0.28.7-rc2_arm64.tar.gz
• 📦 step_linux_0.28.7-rc2_armv7.tar.gz
• 📦 step-cli_0.28.7.rc2-1_amd64.deb
• 📦 step-cli-0.28.7.rc2-1.x86_64.rpm
• 📦 step-cli_0.28.7.rc2-1_arm64.deb
• 📦 step-cli-0.28.7.rc2-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.7-rc2_amd64.tar.gz
• 📦 step_darwin_0.28.7-rc2_arm64.tar.gz

Windows

• 📦 step_windows_0.28.7-rc2_amd64.zip
• 📦 step_windows_0.28.7-rc2_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.7-rc2_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.7-rc2_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.7-rc2_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• cb02664 Merge pull request #1429 from smallstep/herman/fix-some-linter-issues
• cdb6e01 Fix linter issues by updating linters and ignoring some issues

Thanks!

Those were the changes on v0.28.7-rc2!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.