moepman
/
acertmgr
mirror of https://github.com/moepman/acertmgr.git
1
0
Fork 0
Code Releases Activity
225 Commits 2 Branches 20 Tags 316 KiB
Commit Graph

225 Commits

Author SHA1 Message Date
Markus 9ca6dae048 version: bump to 1.0.5 2023-07-13 15:36:44 +02:00
Kishi85 274351415d Update github action workflow to build debian packages with gzip format for older OS versions 2023-07-12 17:46:06 +02:00
Rudolf Mayerhofer f78cb5c554 Github Action: Update to newer github action syntax/standards, change image to ubuntu-latest, change pypi-publish to supported version and check if we have credentials to publish at all 2023-07-12 16:10:21 +02:00
Rudolf Mayerhofer c3736c0838 Allow multiple sets of the same domain to defined in a single config file (necessary for multiple certs using different key_algorithm) in a list style notation (lists of maps) 2023-07-12 16:10:21 +02:00
Rudolf Mayerhofer 1a98f86aad Fix idna conversion for force-renew (probably broken since the IDNA cleanup) 2023-07-12 16:10:21 +02:00
Rudolf Mayerhofer ef81ea62d1 Unify key_algorithm handling for elipic curves (change naming to ECC but stay backwards compatible) 2023-07-12 16:10:21 +02:00
Rudolf Mayerhofer d1caaf80ef Fix LOG_REPLACEMENTS determination when multiple domain sets exist and we are on a newer version of python 2023-07-12 16:10:21 +02:00
Rudolf Mayerhofer ba644d44f1 Update config id if we have a key algorithm set to allow for multiple certs with different algorithms for the same set of domains 
This is a breaking change!
Changes the id for configurations with a key algorithm set, which by default results in changes to serveral dependent configuration values as well,
such as cert_file/key_file/csr_file. This will require existing ECC setups to append the ecc suffix to files in the acertmgr configuration directory
 2023-07-12 16:10:21 +02:00
Jan c15b6ec441 Instantiate HashAlgorithm in OCSPRequestBuilder 
Installations of more recent cryptography require parameter hash
algorithm to be an instance of hashes.HashAlgorithm, not the bare object
itself.

Fixes #63
 2023-07-10 19:27:44 +02:00
Kishi85 2d230e30d9 Clarify expected authority format (at least for v2) and add an example 2021-10-31 09:57:31 +01:00
Kishi85 6f0ccfdc91 logging: Add real counterparts of IDNA-mapped domains in brackets 2021-09-20 09:26:47 +02:00
Kishi85 460b0119ac configuration: Simplify too complex IDNA conversion 2021-09-13 09:00:59 +02:00
David Klaftenegger e2f7b09b18 certs already contain idna domain names 
The idna_convert call here does nothing: when reading a certificate, it
already contains idna domain names. Converting them to idna is
equivalent to the identity function, and can thus be removed.
 2021-05-30 16:21:54 +02:00
Markus 93e28437ff version: bump to 1.0.4 2021-05-21 22:52:34 +02:00
Kishi85 2e1f5cd894 acertmgr/v2: Handle CA certificate chains properly 2021-05-21 22:50:44 +02:00
Kishi85 ce157a5c8a CI: Build on Ubuntu 18.04 while we are Python 2 compatbile and OS version is not EOL 2021-03-23 18:43:07 +01:00
Kishi85 9953cb4527 standalone: Fix multiple challange handlers on same port 
If you define challenge handlers on a per-domain basis multiple will be
created. This would cause the standalone handler to potientially try
to bind the same port (when configured) multiple times, which would only
work on the first try. Subsequent tries would fail with "Address already
in use". To fix this only bind the server between start and stop of the
challenge and cleanup afterwards.
 2021-03-23 18:43:07 +01:00
Markus 7a5d35f29b GitHub Actions: use current setuptools and wheel 2020-10-12 19:22:02 +02:00
Markus 62f01aeff9 GitHub Actions: twine upload via pypa/gh-action-pypi-publish 2020-10-12 19:01:09 +02:00
Markus b48f4532b9 reformat setup.py 2020-10-12 17:48:55 +02:00
Markus bc2a7229ec GitHub Actions: unify whitespace style 2020-10-12 17:22:52 +02:00
Markus fd4fed9432 version: bump to 1.0.3 2020-03-12 18:41:15 +01:00
Markus 56743dcbb9 GitHub Actions: fix fetching tags 2020-03-04 17:29:11 +01:00
Kishi85 0648cb7b38 tools: Fix IDNA handler (again) 2020-03-04 14:50:05 +01:00
Kishi85 b37d0cad94 acertmgr: Add a OCSP validation to certificate verification 2020-03-04 14:50:05 +01:00
Kishi85 c33a39a433 tools: make pem file writable by owner before tryting to write 
A PEM file might not be writable by the owner when it should be written
(e.g. on Windows), so we have to ensure the file has write permissions
before doing so
 2020-03-04 14:40:49 +01:00
Kishi85 882ddfd0b8 Generate proper dependencies on deb Packages 2020-02-20 18:40:22 +01:00
Kishi e5edc4e5aa Use Github Actions for automated building and release 2020-02-20 18:35:41 +01:00
Markus e48724b726 version: bump to 1.0.2 2019-11-23 15:37:07 +01:00
Markus 6314f468c1 setup.py: fix package name for yaml 2019-11-08 19:40:05 +01:00
Kishi85 97e9be80cf acertmgr: Fix module/function issues on windows 2019-10-28 10:50:09 +01:00
Kishi85 f5f038d47b configuration: global config is now relative to config_dir 2019-10-26 19:11:33 +02:00
Markus a0a4b0bf07 version: bump to 1.0.1 2019-10-01 13:08:45 +02:00
Markus a63eabd0ee .drone.yml: upload releases to PyPI 2019-10-01 13:08:10 +02:00
Markus 2911e05165 setup.py: use proper PyPI supported classifiers 2019-10-01 13:06:37 +02:00
Markus 8dad549d68 version: bump to 1.0.0 2019-09-23 14:57:29 +02:00
Markus 11d43d4817 build packages via drone.io 2019-09-23 14:57:12 +02:00
Kishi85 ba4dda154b acertmgr: Remove legacy configuration directives (#30) 2019-09-06 16:07:16 +02:00
Markus 31c43321d4 version: bump to 0.9.8 2019-07-04 09:34:31 +02:00
Kishi85 9b10f10efd dns.*: Use a static query timeout for any DNS queries using dnspython 2019-07-02 12:55:09 +02:00
Kishi85 1a4272f11a authority.v2: invalidate nonces after 2 minutes and re-request 
Boulder seems to invalidate older nonces after some time. Therefore we
allow nonces from the cache to be used for up to 2 minutes and after
those they will be considered invalid (and re-requested with an extra
request to the nonce endpoint when necessary)
 2019-06-21 11:39:10 +02:00
Markus 514ff7cbad version: bump to 0.9.7 2019-06-12 10:40:06 +02:00
Kishi85 0b8e49d6ee tools: Display warning about IDNA only if unicode names are in use 2019-06-11 10:05:37 +02:00
Kishi85 af0bb45d73 authority.v2: Properly clear the nonce cache on using it's content 2019-06-11 09:52:55 +02:00
Kishi85 7475d5e73f authority.v2: Check challenge return code on validation as well 2019-06-11 09:52:55 +02:00
Markus bc991f12d1 version: bump to 0.9.6 2019-05-20 18:43:49 +02:00
Kishi85 abc0c4a9c2 authority: use correct account_key_length 2019-05-13 21:47:31 +02:00
Kishi85 258855c5b4 legacy: fix ToS agreement value 2019-05-13 20:48:44 +02:00
Kishi85 6e52dd41b0 docs: Update README 2019-05-06 21:24:35 +02:00
Kishi85 7a019d1ac9 idna: unify usage as tools function 2019-05-06 21:24:24 +02:00