Ralf Ramsauer
90af37799e
Allow multiple actions
...
Also update README.md
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2016-04-11 21:29:56 +02:00
Ralf Ramsauer
a464afdf71
Adjust permissions of certificates
...
For the internal store of certificates in the configuration directory, a
permission of user read only is absolutely sufficient
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2016-04-11 21:29:56 +02:00
Ralf Ramsauer
a0e7dd66ea
Make key location dynamic
...
Besides the fact that this removes redundant code, hard coded location
of file is generally no good idea
Also adapt README.md and provide a default location for key files.
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2016-04-11 21:29:56 +02:00
Ralf Ramsauer
79210c5a80
acertmgr.py: use os.path.join() instead of string concatenations
...
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2016-04-11 21:29:56 +02:00
Ralf Ramsauer
f6a50f62ca
Readme: Add hint for proper permission setting of keys
...
openssl genrsa > foo will allow group and world read. Add a hint that
these permissions should be adjusted.
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2016-04-11 21:29:56 +02:00
Ralf Ramsauer
0aeb771333
Add .gitignore
...
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2016-04-11 21:29:56 +02:00
David Klaftenegger
8658ae6fc9
remove obsolete import
2016-04-07 00:44:54 +02:00
David Klaftenegger
779de54a93
Only execute actions once
...
instead of once per domain
2016-04-07 00:43:57 +02:00
David Klaftenegger
089bfcc701
Prevent failure when target file is missing
2016-04-04 23:37:03 +02:00
David Klaftenegger
ec188e90aa
Avoid race condition which is triggered when debugging misconfigurations
2016-04-04 19:41:47 +02:00
David Klaftenegger
321462eb44
Make it a configuration option which ACME authority is used
2016-04-04 19:41:47 +02:00
72ec05cd8e
Improve documentation
2016-04-04 09:20:29 +02:00
David Klaftenegger
3d00888a42
handle correctly when no action is defined
2016-04-04 08:34:22 +02:00
David Klaftenegger
15467e9f84
Add example for multiple domain names per certificate
...
The first name will be the Common Name.
All names will be listed as subject alternate names.
2016-04-04 08:32:17 +02:00
David Klaftenegger
6d98a78bf3
Documentation: add more examples
2016-04-04 08:32:17 +02:00
David Klaftenegger
1c083f6ba5
Documentation changes
...
acme-tiny is no longer required
ca-file needs to be downloaded
minor fixes of inaccuracies
2016-04-04 08:32:17 +02:00
David Klaftenegger
c0a9627746
restore python3 compatibility
2016-04-04 08:32:17 +02:00
David Klaftenegger
76722769ad
correctly handle multiple domain names
2016-04-04 08:32:17 +02:00
David Klaftenegger
acc2f205fd
Change copyright information
2016-04-04 08:32:17 +02:00
David Klaftenegger
22db50c62d
replace acme-tiny
...
using a pyopenssl implementation of the same functionality instead
2016-04-04 08:32:17 +02:00
David Klaftenegger
57174f1a13
Refactor ssl functionality
...
use pyopenssl for certificate validty and requests
2016-04-04 08:32:17 +02:00
David Klaftenegger
83f09a9015
Refactor webserver into separate file
2016-04-04 08:32:17 +02:00
David Klaftenegger
d561351243
Adds support for SubjectAltName in CSR generation
...
To use this feature, add multiple domain names in the configuration,
separated by spaces
2016-04-04 08:32:17 +02:00
3389fd2c32
Actually add actions to the set.
2016-02-28 22:52:12 +01:00
6c7c9dfd91
Merge pull request #7 from davidklaftenegger/update_all_targets
...
replace target files based on timestamp
2016-02-28 22:12:29 +01:00
0a66b07945
Fix error if default values are empty.
2016-02-23 17:53:50 +01:00
7b9cb55bc1
New format: ca to be able to create cert-chains.
2016-02-21 15:27:46 +01:00
c314ca07bb
Fix accidentally removed TODO.
2016-02-21 12:44:24 +01:00
980daea649
Rename notify to action and execute them only once.
2016-02-21 11:18:32 +01:00
David Klaftenegger
682f5bf252
indentation error
...
fixes one instance of space-indentation instead of tab-indentation
2016-02-13 11:38:20 +01:00
David Klaftenegger
2621da80e7
Check result of file metadata changes
...
Changing ownership and permissions is not supported on all filesystems.
This patch prints a warning whenever it fails to set these properties,
but continues without a fatal error.
2016-02-13 11:38:20 +01:00
David Klaftenegger
a225da894a
Use whichever python is available
...
The code is not specific to python2, so any python should do
2016-02-13 11:38:19 +01:00
David Klaftenegger
deeef0d1b9
Initial setup documentation
...
Adds a section for the initial motions required to get a acertmgr running
2016-02-13 11:38:19 +01:00
David Klaftenegger
a7245b2cea
standalone webserver mode
...
This patch adds the ability to start a simple
webserver that is sufficient to solve the ACME
challenge.
2016-02-13 11:38:19 +01:00
2b23b20baf
Implement cert_put and use live API
2016-01-21 16:43:49 +01:00
e9d57e5572
Improve README
2016-01-21 16:43:05 +01:00
e61cabe6bb
More fine grained TODOs for cert_put
2016-01-16 18:58:12 +01:00
daeea9ba3f
Implement check© in cert_get
2016-01-12 17:43:41 +01:00
81ee02f311
Improve error handling and tempfile creation
2016-01-12 17:41:48 +01:00
c6a0458cb7
Use challenge dir from configuration
2016-01-12 17:33:20 +01:00
c1740083a4
Merge pull request #3 from davidklaftenegger/master
...
Improved error checks
2016-01-11 21:44:40 +01:00
54c474da99
Acutally invoke acme_tiny (using the staging API)
2016-01-11 20:51:23 +01:00
5a43733347
Fix markdown in README
2016-01-11 20:22:36 +01:00
55dd798b77
More checks (e.g. for acme_tiny)
2016-01-11 20:15:31 +01:00
386fc5dfac
Merge pull request #2 from davidklaftenegger/master
...
Adds some different small improvements
2016-01-10 23:14:19 +01:00
79f946806c
Handle empty domain config
2016-01-10 17:36:20 +01:00
285e7c2f1e
Split cert_get into cert_get and cert_put
2016-01-10 17:29:26 +01:00
69e93cfaeb
Refactor cert_isValid, minor improvements
2016-01-10 16:40:22 +01:00
c0d88779ca
Merge pull request #1 from davidklaftenegger/master
...
Add minor functionality and code comments
2016-01-10 16:04:52 +01:00
c494fc3ba7
Add a security section to README
2016-01-10 15:56:04 +01:00
