dafed86179
Improve certificate name normalization: remove Unicode characters, etc. ( #906 )
...
* Accented characters are replaced with non-accented version (ä -> a)
* Spaces are replaced with '-' (previously they were removed)
* Multiple non-alphanumeric characters are collapsed into one '-'
2017-09-08 10:52:22 -07:00
82b43b5a9d
Create signal hooks and handler for dumping CSR and certificate details ( #882 )
2017-08-28 17:35:56 -07:00
e7efaf4365
Prevent creation of empty SubjAltNames extension in CSR ( #883 )
2017-08-18 09:10:56 -07:00
7762d6ed52
Reworked sensitive domain name and restriction logic ( #878 )
...
* This is a fix for a potential security issue; the old code had edge
cases with unexpected behavior.
* LEMUR_RESTRICTED_DOMAINS is no more, instead LEMUR_WHITELISTED_DOMAINS
is a list of *allowed* domain name patterns. Per discussion in PR #600
* Domain restrictions are now checked everywhere: in domain name-like
CN (common name) values and SAN DNSNames, including raw CSR requests.
* Common name values that contain a space are exempt, since they cannot
be valid domain names.
2017-08-16 19:24:49 -07:00
cf805f530f
Prevent unintended access to sensitive fields (passwords, private keys) ( #876 )
...
Make sure that fields specified in filter, sortBy, etc. are model fields
and may be accessed. This is fixes a potential security issue.
The filter() function allowed guessing the content of password hashes
one character at a time.
The sort() function allowed the user to call an arbitrary method of an
arbitrary model attribute, for example sortBy=id&sortDir=distinct would
produce an unexpected error.
2017-08-16 09:38:42 -07:00
f5082e2d3a
Starting transition away from not_before and not_after. ( #854 )
2017-07-14 09:24:59 -07:00
61c493fc91
Adding additional failure conditions to sentry tracking. ( #853 )
...
* Adding additional failure conditions to sentry tracking.
* Removing sentry extension as a circular import.
2017-07-13 14:49:04 -07:00
443eb43d1f
Adding the ability to specify a per-certificate rotation policy. ( #851 )
2017-07-12 16:46:11 -07:00
53113e5eeb
Add auditing for creating or updating a cert. ( #845 )
2017-07-04 06:39:16 -07:00
9c92138f2d
Fixing autorotation failures. ( #825 )
...
* Fixing issue with auto rotation failing due to a change in the way certificate data is serialized.
2017-06-02 08:59:42 -07:00
5a4806bc43
Allowing description to be optional. ( #826 )
2017-06-01 17:09:04 -07:00
307a73c752
Fixing some confusion between 401 vs 403 error code. 401 indicates that the user should attempt to authenticate again. Where as 403 indicates the user is authenticated but not allowed to complete an action. ( #804 )
...
Closes #767
2017-05-18 13:20:17 -07:00
ce5a45037a
Fix for status representation in the view ( #778 )
2017-05-05 11:04:40 -07:00
9c9ca37586
Enabling hex serial numbers without breaking backward compatibility. ( #779 )
...
* Enabling hex serial numbers without breaking backward compatibility.
* Fixing tests.
2017-05-05 11:04:09 -07:00
fbc24ea400
There is an issue when iterating over extensions where certificates might not have been issued in adherence with basic constraints. Here we log these errors instead of failing out right. ( #770 )
2017-04-27 17:45:34 -07:00
05f4ae8e58
Hexify cert serial ( #763 )
...
* Hexify serial at the serialization layer
* Fix for flakey test. Change test to test for uppercased string
2017-04-27 09:13:04 -07:00
b0ea027769
Underscores should not be in hostnames ( #728 )
2017-03-15 08:41:06 -07:00
3c5b2618c0
Rely on the lemur generating the correct name for rotated certificates. ( #714 )
...
* Rely on the lemur generating the correct name for rotated certificates.
* Fixing tests.
2017-03-09 13:09:20 -08:00
310e1d4501
Adds support for filtering by UI. Closes #702 . ( #706 )
2017-03-03 15:07:26 -08:00
fc957b63ff
Source syncing tweaks. ( #705 )
...
* Allow owner to be specified when syncing certs.
* Ensuring non-endpoint plugins don't fail to complete syncing.
* Adding in some additional error handling.
2017-03-03 14:53:56 -08:00
08bb9c73a0
allow attributes to be excluded from a cert subject ( #690 )
...
* allow more flexibility in cert subject name
* clean up logic/remove unnecessary code
2017-02-16 13:21:52 -08:00
8afcb50a39
Fixing the re-issuance process. Ensuring that certificates that are r… ( #686 )
...
* Fixing the re-issuance process. Ensuring that certificates that are re-issued go through the normal schema validation.
* Fixing tests.
2017-02-03 11:21:53 -08:00
117009c0a2
Lemur cryptography refactor and updates ( #668 )
...
* Renaming the function so it sounds less root-specific
* Refactoring lemur_cryptography
* Adding to the certificate interface an easy way to request the subject and public_key of a certificate
* Turning the create authority functionality into a wrapper of creating a CSR in the certificate codebase and issueing that certificate in this plugin. (Dependent on https://github.com/Netflix/lemur/pull/666 changes first)
* Ensuring that intermediate certificates and signed certificates retain their chain cert data
* Handling extensions that are the responsibility of the CA
Implementing authority_key_identifier for lemur_cryptography signatures and including skeletons of handling the certificate_info_access and crl_distribution_points
* Fixing errors found with linter
* Updating plugin unit tests
* Changing this for Python3. Underlying cryptography library expects these to be bytes now.
* Updating tests to match new function names/interfaces
* Another naming update in the plugin tests
* Appears that create_csr won't like this input without an owner.
* Undoing last commit and putting it into the right place this time.
* create_csr should be good now with these options, and chain certs will be blank in tests
* This won't be blank in issue_certificate, like it will in creating an authority.
* Much cleaner
* unnecessary import
2017-02-01 10:34:24 -08:00
a59bc1f436
Fixes ( #680 )
...
* Adding some additional logging.
2017-01-28 16:40:37 -08:00
bc94353850
Closes #648 , also fixes several issues #666 . ( #678 )
2017-01-27 21:05:25 -08:00
f13a3505f3
X509 extensions issue#646 ( #666 )
...
* Allowing that create_csr can be called with an additional flag in the csr_config to adjust the BasicConstraints for a CA.
* If there are no SANs, skip adding a blank list of SANs.
* Adding handling for all the extended key usage, key usage, and subject key identifier extensions.
* Fixing lint checks. I was overly verbose.
* This implements marshalling of the certificate extensions into x509 ExtensionType objects in the schema validation code.
* Will create x509 ExtensionType objects in the schema validation stage
* Allows errors parsing incoming options to bubble up to the requestor as ValidationErrors.
* Cleans up create_csr a lot in the certificates/service.py
* Makes BasicConstraints _just another extension_, rather than a hard-coded one
* Adds BasicConstraints option for path_length to the UI for creating an authority
* Removes SAN types which cannot be handled from the UI for authorities and certificates.
* Fixes Certificate() object model so that it doesn't just hard-code only SAN records in the extensions property and actually returns the extensions how you expect to see them. Since Lemur is focused on using these data in the "CSR" phase of things, extensions that don't get populated until signing will be in dict() form.* Trying out schema validation of extensions
2017-01-27 12:31:29 -08:00
162d5ccb62
Gracefully handle importing certificates with missing data ( #674 )
...
* fixing index out of range issue
* catching exceptions is common values aren't set
* fixing lint errors
* fixing unrelated lint/import error
2017-01-24 13:48:53 -08:00
83128f3019
Fixing elb sync issues. ( #641 )
...
* Fixing elb sync issues.
* Fixing de-duplications of names.
2017-01-05 16:06:34 -08:00
e5dee2d7e6
Adding additional metrics for when destinations fail to upload. ( #637 )
2016-12-28 09:52:23 -08:00
de7cec35c6
Clean refactor ( #635 )
...
* Adding rotation to the UI.
* Removing spinkit dependency.
* refactoring source cleaning
2016-12-27 10:31:33 -08:00
700c57b807
Rotation ui ( #633 )
...
* Adding rotation to the UI.
* Removing spinkit dependency.
2016-12-26 15:55:11 -08:00
ce75bba2c3
Replacement refactor. ( #631 )
...
* Deprecating replacement keyword.
* Def renaming.
2016-12-26 11:09:50 -08:00
46f8ebd136
Modifying the way rotation works. ( #629 )
...
* Modifying the way rotation works.
* Adding docs.
* Fixing tests.
2016-12-23 13:18:42 -08:00
072ca4da4f
Adding some additional output to rotation command. ( #627 )
2016-12-21 13:34:14 -08:00
cdcae4efb0
Closes #594 ( #621 )
2016-12-20 14:26:39 -08:00
f7c795c7f6
Closes #577 . ( #622 )
2016-12-20 14:26:29 -08:00
beba2ba092
Adding additional reporting and refactoring existing setup. ( #620 )
2016-12-20 12:48:14 -08:00
156b98f7f0
Ensuring that rotation only happens for certificates with endpoints to rotate. ( #606 )
2016-12-15 15:20:21 -08:00
d20c552248
Fixing issues with rotation. ( #603 )
...
* Fixing issues with rotation.
* Fixing tests
2016-12-14 17:30:13 -08:00
1eb3d563c6
Fix error reporting for certs without private key ( #599 )
2016-12-14 13:25:56 -08:00
71ddbb409c
Minor documentation fixes/tweaks ( #597 )
...
Mostly typos, grammar errors and inconsistent indentation in code
examples.
Some errors detected using Topy (https://github.com/intgr/topy ), all
changes verified by hand.
2016-12-14 09:29:04 -08:00
03d5a6cfe1
Refactors how notifications are generated. ( #584 )
2016-12-12 11:22:49 -08:00
968dd52f6f
Fixes ( #576 )
...
* Fixing email notification
* Adding endpoint expiration
* Fixing endpoint type for ELBs
* Allowing verisign to include additional SANs
2016-12-08 15:52:27 -08:00
a4b32b0d31
Fixing up notification testing ( #575 )
2016-12-08 11:33:40 -08:00
fc205713c8
Certificate rotation enhancements ( #570 )
2016-12-07 16:24:59 -08:00
e94cf6ddc9
Ensuring that certificates returned from digicert are in the proper format ( #564 )
2016-12-06 12:05:18 -08:00
e622a49b72
Adding better error handling around certificate rotation ( #562 )
2016-12-05 15:12:55 -08:00
9030aed8a4
Ensuring that our syncing process can find duplicate certifcates that do no need to be sync'd ( #560 )
2016-12-05 11:08:29 -08:00
7f823a04cd
Ensuring that acme and cryptography respect different key types ( #554 )
2016-12-02 10:54:18 -08:00
81bf98c746
Enabling RSA2048 and RSA4096 as available key types ( #551 )
...
* Enabling RSA2048 and RSA4096 as available key types
* Fixing re-issuance
2016-12-01 15:41:53 -08:00
588ac1d6a6
Digicert cis fixes ( #540 )
2016-11-29 17:15:39 -08:00
058d2938fb
migrating off of openssl ( #539 )
2016-11-29 11:30:44 -08:00
727bc87ede
Log fixes ( #534 )
...
* tying up some loose ends with event logging
* Ensuring creators can access
2016-11-28 14:13:16 -08:00
250558baf3
Ensuring that authority owners can access certificates issued by that… ( #526 )
...
* Ensuring that authority owners can access certificates issued by that authority
2016-11-25 20:35:07 -08:00
8e5323e2d7
migrating flask imports ( #525 )
2016-11-22 21:11:20 -08:00
6eca2eb147
Re-working the way audit logs work.
...
* Adding more checks.
2016-11-21 11:28:11 -08:00
744e204817
Initial work on #74 . ( #514 )
...
* Initial work on #74 .
* Fixing tests.
* Adding migration script.
* Excluding migrations from coverage report.
2016-11-21 09:19:14 -08:00
d45e7d6b85
[WIP] - 422 elb rotate ( #493 )
...
* Initial work on certificate rotation.
* Adding ability to get additional certificate info.
* - Adding endpoint rotation.
- Removes the g requirement from all services to enable easier testing.
2016-11-18 11:27:46 -08:00
6fd47edbe3
Adds the ability to clone existing certificates. ( #513 )
2016-11-17 16:19:52 -08:00
a616310eb7
Fixing an issue were aws certificates plugins might not have a chain. ( #512 )
2016-11-17 14:47:10 -08:00
9ac1756011
removing new 'active' logic for the time being ( #505 )
2016-11-16 15:56:24 -08:00
851d74da3d
Ensuring that private key is in string format before it gets stored ( #504 )
...
* Ensuring that private key is in string format before it gets stored
* Fixing failing test.
2016-11-16 15:05:25 -08:00
eaf34b1c8b
Disabling the protect active flag ( #498 )
2016-11-16 09:31:02 -08:00
e9219adfb5
Ensuring model's have a basic __repr__. ( #499 )
2016-11-16 09:30:54 -08:00
114deba06e
Adding the ability to silence notifications on creation. ( #490 )
2016-11-12 09:29:42 -08:00
0334f1094d
fixing documentation typo ( #489 )
2016-11-11 13:35:24 -08:00
953d3a08e7
Adding example request to documentation. ( #487 )
2016-11-11 12:54:12 -08:00
e6b291d034
Time ( #482 )
...
* adding python 3.5 as a target
* adding env flag
* Aligning on arrow dates.
2016-11-09 10:56:22 -08:00
4afedaf537
Fixes ( #476 )
...
* Ensures that Vault can accept bytes and strings.
* Make restricted domains optional.
* Fixing notify flag.
2016-11-04 09:16:41 -07:00
1ac1a44e83
San alt name ( #468 )
2016-10-31 11:00:15 -07:00
a8f44944b1
Closes #415
2016-10-17 23:23:14 -07:00
f921b67fff
Removing the ability to use spaces in custom names. ( #455 )
2016-10-15 04:56:25 -07:00
c367e4f73f
Prevents the silencing of notifications that are actively deployed. ( #454 )
...
* Renaming 'active' to 'notify' as this is clearer and more aligned to what this value is actually controlling. 'active' is now a property that depends on whether any endpoints were found to be using the certificate. Also added logic for issue #405 disallowing for a certificates' notifications to be silenced when it is actively deployed on an endpoint.
* Adding migration script to alter 'active' column.
2016-10-15 00:12:11 -07:00
dcb18a57c4
Adds option to restrict certificate expiration dates to weekdays. ( #453 )
...
* Adding ability to restrict certificate creation to weekdays.
* Ensuring that we test for weekends.
2016-10-15 00:04:35 -07:00
c05a49f8c9
Fixes an issuer where a member of a role is not able to add new users to said role. ( #445 )
2016-10-11 17:24:15 -07:00
72a390c563
Ensure the openssl and cryptography work under python3. ( #438 )
2016-10-09 00:06:15 -07:00
3ad7a37f95
Fix import certificate private key encoding ( #434 )
...
When importing a certificate, the private key is passed to the
import/upload process from the UI as a str object. In Python3 this
raises two issues when processing the private key - the private key
validation fails and database insert of the certificate fails.
The fix in both cases is to correctly encode the private key as a bytes
object.
2016-10-08 17:04:54 -07:00
2d7a6ccf3c
Owner email ( #414 )
...
* Ensuring python2 works with unicode strings.
* adding in owner DN
* fixing tests
* Upgrading requests.
* Fixing tests.
2016-08-25 10:09:46 -07:00
29a330b1f4
Orphaned certificates ( #406 )
...
* Fixing whitespace.
* Fixing syncing.
* Fixing tests
2016-07-28 13:08:24 -07:00
f38868a97f
Fixing various problems with the syncing of endpoints, throttling sta… ( #398 )
...
* Fixing various problems with the syncing of endpoints, throttling stale endpoints etc.
2016-07-12 08:40:49 -07:00
1ba7181067
Fixed an issue were default notifications were added even when updati… ( #395 )
...
* Fixed an issue were default notifications were added even when updating a certificate, resulting in duplicate notifications.
* Ensuring imported certificates get the same treatment.
2016-07-07 11:44:11 -07:00
4077893d08
Ensuring that destinations require private keys by default. ( #390 )
...
* Ensuring that destinations require private keys by default.
2016-07-04 15:30:20 -07:00
54b888bb08
Adding a toy certificate authority. ( #378 )
2016-06-29 09:05:39 -07:00
fe9703dd94
Closes #284 ( #336 )
2016-06-27 14:40:46 -07:00
19b928d663
Fixes #367
2016-06-23 13:29:59 -07:00
d9cc4980e8
Fixing destination upload. ( #347 )
...
* Fixing an issue where uploaded certificates would have a name of 'None'
* Clarifying comment.
* Improving order.
2016-06-03 18:45:58 -07:00
dc198fec8c
Docs ( #344 )
...
* Adding release info.
* adding some fields
* Adding Source Plugin change.
* Updating docs
2016-06-03 08:28:09 -07:00
72e3fb5bfe
Fixing several small issues. ( #341 )
...
* Fixing several small issues.
* Fixing tests.
2016-06-01 11:18:00 -07:00
b2539b843b
Fixing and error causing duplicate roles to be created. ( #339 )
...
* Fixing and error causing duplicate roles to be created.
* Fixing python3
* Fixing python2 and python3
2016-05-31 15:44:54 -07:00
11f4bd503b
Fixes ( #332 )
...
* Ensuring domains are returned correctly.
* Ensuring certificates receive owner role
2016-05-24 17:10:19 -07:00
1ca38015bc
Fixes ( #329 )
...
* Modifying the way roles are assigned.
* Adding migration scripts.
* Adding endpoints field for future use.
* Fixing dropdowns.
2016-05-23 18:38:04 -07:00
656269ff17
Closes #147 ( #328 )
...
* Closes #147
* Fixing tests
* Ensuring we can validate max dates.
2016-05-23 11:28:25 -07:00
bd727b825d
Making roles more apparent for certificates and authorities. ( #327 )
2016-05-20 12:48:12 -07:00
e04c1e7dc9
Fixing a few things, adding tests. ( #326 )
2016-05-20 09:03:34 -07:00
615df76dd5
Closes 262 ( #324 )
...
Moves the authority -> role relationship from a 1 -> many to a many -> many. This will allow one role to control and have access to many authorities.
2016-05-19 13:37:05 -07:00
b187d8f836
Adding a better comparison. ( #320 )
2016-05-16 19:03:10 -07:00
1763a1a717
254 duplication certificate name ( #319 )
2016-05-16 15:59:40 -07:00
62b61ed980
Fixing various issues. ( #318 )
...
* Fixing various issues.
* Fixing tests
2016-05-16 11:09:50 -07:00
a0c8765588
Various bug fixes. ( #314 )
2016-05-12 12:38:44 -07:00
f9655213b3
Marshmallowing notifications. ( #308 )
2016-05-10 11:27:57 -07:00
df0ad4d875
Authorities marshmallow addition ( #303 )
2016-05-09 11:00:16 -07:00
6ec3bad49a
Closes #278 ( #298 )
...
* Closes #278
2016-05-05 15:28:17 -07:00
52f44c3ea6
Closes #278 and #199 , Starting transition to marshmallow ( #299 )
...
* Closes #278 and #199 , Starting transition to marshmallow
2016-05-05 12:52:08 -07:00
3f89d6d009
Merge pull request #271 from kevgliss/195
...
Closes #195
2016-04-08 12:01:10 -07:00
62d03b0d41
Closes #216
2016-04-01 16:54:33 -07:00
bfcfdb83a7
Closes #195
2016-04-01 14:27:57 -07:00
576265e09c
Closes #246
2016-04-01 09:19:36 -07:00
028d86c0bb
Adding a new flag to export plugins 'requires_key' that specifies whether the export plugin needs access to the private key. Defaults to True.
2016-01-29 12:45:18 -08:00
2ba48995fe
Fixing documentation for filter format
2016-01-29 11:47:16 -08:00
1e524a49c0
making 'replacements' a non-require attribute for importing. Closes #226
2016-01-29 09:02:51 -08:00
0a4f5ad64d
Fixing an assumption that 'subAltNames' are always passed to the API.
2016-01-10 17:33:19 -08:00
3f024c1ef4
Adds ability for domains to be marked as sensitive and only be allowed to be issued by an admin closes #5
2015-12-30 15:11:08 -08:00
cabe2ae18d
Adding the ability to issue third party created CSRs
2015-12-29 10:49:33 -08:00
9cadebcd50
adding example requests
2015-11-30 13:51:27 -08:00
ec896461a7
Adding final touches to #125
2015-11-30 09:47:36 -08:00
8eeed821d3
Adding UI elements
2015-11-27 13:27:14 -08:00
920d595c12
Initial work on #125
2015-11-25 14:54:08 -08:00
1c6e9caa40
Closes #144
2015-11-24 16:07:44 -08:00
d6b3f5af81
Closes #122
2015-11-24 14:53:22 -08:00
40eb950e94
Use MultiFernet for encryption
...
Facilitates key rotation and uses more secure encryption than what
sqlalchemy-utils does.
Fixes #117 and #119 .
2015-10-13 16:58:58 -07:00
168f46a436
Adding the ability to track a certificates signing key algorithm
2015-10-06 12:51:59 -07:00
5cfa9d4bc5
description should be optional
2015-09-29 16:37:32 -07:00
7ebd0bf5d4
making fields required
2015-09-24 08:42:31 -07:00
06a69c09a0
Fixing a bug where notifications associated during certificate creation would not be respected.
2015-09-22 13:01:05 -07:00
be6a5b859e
adding notification example
2015-09-22 09:46:54 -07:00
aaae4d5a1f
unifying lemur defaults
2015-09-04 15:52:56 -07:00
3b109ec578
Cleaning up temporary file creation, and revocation checking
2015-09-02 09:19:06 -07:00
45158c64a2
cleaning up temporary file creation
2015-09-02 09:19:06 -07:00
aca69ce03c
Closes #53
2015-09-02 09:15:11 -07:00
bf8ce354e5
Closes #55
2015-09-02 09:13:47 -07:00
8d09d865b1
Closes #57
2015-09-02 09:13:47 -07:00
8977c5ddbf
Ensuring notifications follow owner
2015-08-29 12:02:50 -07:00
9a04371680
Adding ability to define distinguished names in config
2015-08-27 12:59:40 -07:00
a07db5625b
Fixing an issue were extensions were implicitly required
2015-08-22 10:22:36 -07:00
4b7a55c89f
Fixing issue with a certificate with no role not being viewable
2015-08-21 16:08:53 -07:00
6b2da2fe6b
Fixes #35
2015-08-19 18:05:18 -07:00
eb55d5465f
Making LEMUR_DEFAULT_SECURITY_EMAIL optional
2015-08-17 16:03:57 -07:00
32ef793c4d
Switch to relying on the configuration key in the configuration file
2015-08-08 16:12:29 -07:00
fc68552d0f
Making Lemur py3 compatible
2015-08-03 21:07:28 -07:00
7d169f7c4c
Fixing up some of the sync related code
2015-08-03 13:51:27 -07:00
cdb3814469
Fixing notification deduplication and roll up
2015-08-02 09:14:27 -07:00
c9e9a9ed7c
Fixing upload description
2015-08-02 07:45:10 -07:00
02b717dd7c
Fixing upload, and removing old unneeded code
2015-08-02 05:57:26 -07:00
aef1587635
Adding default notifications
2015-08-01 19:08:46 -07:00
46652ba117
Purging ELB and Listener specific models
2015-08-01 15:47:14 -07:00
e247d635fc
Adding backend code for sources models
2015-08-01 15:29:34 -07:00
c5a6a0570a
adding link to python packaging documentation
2015-07-31 19:02:44 -07:00
1e748a64d7
Initial support for notification plugins closes #8 , closes #9 , closes #7 , closes #4 , closes #16
2015-07-29 17:13:06 -07:00
c02390d63b
PEP8
2015-07-23 09:08:07 -07:00
a4ed83cb62
Refactoring out challenge
2015-07-23 08:52:30 -07:00
8d576aa3d8
Fixing tests
2015-07-22 10:51:55 -07:00
c75e20a1ea
Pleasing the PEP8 gods
2015-07-21 13:06:13 -07:00
0c7204cdb9
Refactored 'accounts' to be more general with 'destinations'
2015-07-10 17:06:57 -07:00
5156371913
Modify the naming structure for certificates. AWS is pretty picky about what is a valid name.
2015-07-08 16:39:00 -07:00
002f83092d
Changing the signature of save_cert, we don't create a csr_config anymore so it doesn't make sense to store it. Additionally 'challenge' is a verisign specific thing and should be factored out. We have stopped saving it as well.
2015-07-08 16:37:48 -07:00
f660450043
Aligning config variables
2015-07-07 17:23:46 -07:00
8239aa55e1
fixing conflicts
2015-07-07 16:26:37 -07:00
82c4be29a4
fixing merge conflict
2015-07-07 15:36:39 -07:00
c59bf3f257
Fixing tests
2015-07-06 10:53:12 -07:00
3f49bb95ff
Starting to move to new plugin architecture.
2015-07-04 12:47:57 -07:00
b17e12bed4
Doc fix
2015-07-03 12:59:48 -07:00
95bab9331d
Enabling CSR generation and reducing complexity of encryption/decrypting the 'key' dir.
2015-07-03 10:30:17 -07:00
8cbc6b8325
Initial work at removing openssl
2015-07-02 15:48:56 -07:00
bc0f9534c2
Refactoring 'create_name' out of our certificate class, fixed an issuer were key size was being calculated and removing unused functions
2015-07-02 15:48:56 -07:00
096d88bc9b
Ensuring a 404 is returned when we can't find the specified certificate
2015-07-02 15:48:56 -07:00
f28d3a54c5
API change in cryptography
2015-07-02 15:48:55 -07:00
37669b906c
Fixes an issue where the issuer has special chars in the name. AWS dislikes special chars in certificate names so we strip them out here. In general we want to have the name tracked by Lemur be the same as what is uploaded to various destinations.
2015-07-02 15:48:54 -07:00
1a01209e78
Merge pull request #10 from kevgliss/tests
...
Tests
2015-06-29 14:10:54 -07:00
964d1c1c52
Refactoring 'create_name' out of our certificate class, fixed an issuer were key size was being calculated and removing unused functions
2015-06-26 16:18:31 -07:00
1f9d943a4c
Ensuring a 404 is returned when we can't find the specified certificate
2015-06-26 16:17:22 -07:00
c6ae689dc8
Adding role tests
2015-06-26 10:31:55 -07:00
b1f93c5dd2
Merge pull request #3 from kevgliss/hotfix/upload
...
API change in cryptography
2015-06-25 13:57:45 -07:00
e92113d28f
API change in cryptography
2015-06-25 13:50:46 -07:00
be97f3dcc2
Fixes an issue where the issuer has special chars in the name. AWS dislikes special chars in certificate names so we strip them out here. In general we want to have the name tracked by Lemur be the same as what is uploaded to various destinations.
2015-06-24 16:51:44 -07:00
4330ac9c05
initial commit
2015-06-22 13:47:27 -07:00
Marti Raudsepp
kevgliss
Paul Van de Vreede
Michael Treacher
Gus E
Neil Schelly
Nevins
Charles Hendrie
Robert Picard
kevgliss