a4178ca113
fixing floating comma in CNAME PR
2020-10-29 18:52:22 -07:00
69aa98c1c8
Merge branch 'master' into ecc_changes
2020-10-29 18:05:38 -07:00
03dfbf535d
Consistent algo in UI and API
...
Removed '-' since UI displays only handful options
2020-10-29 17:59:31 -07:00
aec24ae132
Missing commit in downgrade
2020-10-29 17:58:37 -07:00
4e44dd3d8f
Check if authority options is JSON Array
2020-10-29 17:57:54 -07:00
9aa2d2af76
Merge branch 'master' into notification-plugin-field-fix
2020-10-29 14:58:43 -07:00
ccecb26816
Merge branch 'cname_01' of github.com:Netflix/lemur into cname_01
2020-10-29 14:43:14 -07:00
ca465e3c9e
updating debug string with target_domain
2020-10-29 14:42:51 -07:00
a3a02a8077
Merge branch 'master' into notification-plugin-field-fix
2020-10-29 14:32:57 -07:00
2aec317127
Merge branch 'master' into cname_01
2020-10-29 14:32:23 -07:00
1c59fb575c
Fix the 'more' button to view certificates associated with a notification
2020-10-29 14:28:54 -07:00
86207db93b
Merge branch 'master' into certificates-for-notification-fix
2020-10-29 14:21:25 -07:00
15a7921bf4
Merge branch 'master' into cname_01
2020-10-29 14:09:48 -07:00
84f8905cf1
Hide expired certs for notifications
2020-10-29 14:07:25 -07:00
14348a1f95
Merge branch 'master' into cname_01
2020-10-29 14:01:14 -07:00
28c6f8583a
Merge branch 'master' into ses-arn-override
2020-10-29 13:52:51 -07:00
a1f99c29c0
Merge branch 'cname_01' of github.com:Netflix/lemur into cname_01
2020-10-29 13:51:58 -07:00
2b91077d92
updating variables based on feedback
2020-10-29 13:51:22 -07:00
28686fcf5d
Merge branch 'ses-arn-override' of github.com:jtschladen/lemur into ses-arn-override
2020-10-29 13:48:55 -07:00
45cc9528d2
Cleaner syntax for default region
2020-10-29 13:48:43 -07:00
78afc060ae
Add subject for SNS messages and correct date format
2020-10-29 13:41:47 -07:00
e967f2c676
Merge branch 'master' into ses-arn-override
2020-10-29 11:11:30 -07:00
2cea33cb11
Merge branch 'master' into expanding-S3-plugin
2020-10-29 11:09:00 -07:00
af348b1012
Merge branch 'master' into cname_01
2020-10-28 22:41:23 -07:00
33a006bbeb
fixing delete with optional validation
2020-10-28 22:24:37 -07:00
b47667b73e
cname redirection working
2020-10-28 20:51:35 -07:00
3e492e6310
Add ability to override SES region
2020-10-28 17:09:54 -07:00
bbfc65813d
Merge branch 'master' into ecc_changes
2020-10-28 17:00:45 -07:00
6adf94d28f
Merge branch 'master' into log_update
2020-10-28 16:52:19 -07:00
5e696f36bf
Add ability to override SourceArnn for SES
2020-10-28 16:34:31 -07:00
acc95a4b66
Fix notification view to actually show associated certs
2020-10-28 16:12:27 -07:00
c25782468b
Merge branch 'master' into log_update
2020-10-28 15:40:16 -07:00
cc69b433ca
Merge branch 'master' into notification-plugin-field-fix
2020-10-28 14:58:58 -07:00
d27f2a53af
Merge branch 'master' of github.com:Netflix/lemur into cname_01
2020-10-28 14:03:23 -07:00
95b647ee1d
Merge branch 'master' into ecc_changes
2020-10-28 13:54:14 -07:00
84d30b5d50
Merge branch 'master' into issuer-retry
2020-10-28 13:21:10 -07:00
13e8421c78
Merge branch 'master' into notification-plugin-field-fix
2020-10-28 08:50:46 -07:00
16ce7970d0
Merge branch 'master' into sns
2020-10-28 08:50:09 -07:00
a9d3b7a676
Merge branch 'master' into issuer-retry
2020-10-28 08:48:29 -07:00
23e1700fad
flake8
2020-10-28 13:47:57 +01:00
794e4d3855
Revert log to debug to be safe
2020-10-27 17:36:01 -07:00
c6a8034890
language
2020-10-27 16:13:05 -07:00
10aa02fd85
more compact design, thanks to Chad for the feedback
2020-10-27 14:42:51 -07:00
54c2245115
comments
2020-10-27 12:47:35 -07:00
d59a558d58
adopting ilike and not relying on ==
...
reducing redundancy
2020-10-27 12:44:38 -07:00
Emmanuel Garette
e9824a6808
change the log level to info if upgrade is successful
2020-10-27 20:38:18 +01:00
Emmanuel Garette
79647e3372
add reference to LOG_UPGRADE_FILE in toplevel comment
2020-10-27 20:38:18 +01:00
20b8c2fd93
PR feedback
2020-10-27 08:56:43 -07:00
ccf87986c0
Add store_account to AcmeDnsIssuer
2020-10-27 12:15:07 +01:00
96fbcdaf70
Fix test_finalize_authorizations, dont reuse cleanup_dns_challenges in finalize_authorizations
2020-10-27 11:27:44 +01:00
103e107668
Fix patches for test_create_certificate
2020-10-27 11:16:29 +01:00
82bf8e2ac6
Remove unnecessary code from dnsChallenge, Fix patches in dns tests
2020-10-27 11:09:30 +01:00
2d98e71977
Replace deprecated assertRaisesRegexp with assertRaisesRegex
2020-10-27 10:44:04 +01:00
30c10b93f8
Fix patches for acme_handler tests
2020-10-27 10:37:30 +01:00
3b20a47603
Fix patches for acme_http tests, apparently isinstance is considered evil in python
2020-10-27 10:37:30 +01:00
4464c5890d
Flake8
2020-10-27 10:37:30 +01:00
812e1dee92
Refactor Acme plugin into AcmeChallenge objects, dns01
2020-10-27 10:37:27 +01:00
b91cebf245
Refactor Acme plugin into AcmeChallenge objects, http01
2020-10-27 10:36:06 +01:00
6c1be02bfa
Remove destination_list from AcmeHttpIssuer
2020-10-27 10:28:34 +01:00
ef0fce2661
Set timeout for finalize to 90s
2020-10-27 10:28:34 +01:00
235653b558
Refactor destination selection for acme-http authorities, to load destinations dynamically
2020-10-27 10:28:34 +01:00
81b078604c
Implement revoke certificate for ACME
2020-10-27 10:28:34 +01:00
215070b327
Fix create_certificate tests
2020-10-27 10:28:34 +01:00
41ea59d7e3
Remove unneeded polling
2020-10-27 10:28:33 +01:00
d24fae0bac
Fix permissions on acme token upload, dont append well-known automatically
2020-10-27 10:28:33 +01:00
66cab6abd3
Make http-01 challenge work for SAN certificates
2020-10-27 10:28:33 +01:00
e3e5ef7d66
Refactor AcmeHandler, Move DNS stuff into AcmeDnsHandler
2020-10-27 10:28:33 +01:00
76dcfbd528
Add more tests
2020-10-27 10:28:33 +01:00
d6719b729c
Implement some test for AcmeHttpIssuerPlugin
2020-10-27 10:28:33 +01:00
b2de986652
Split tests into handler, and dns specifics
2020-10-27 10:28:30 +01:00
b93d271f31
Fix flake8
2020-10-27 10:25:31 +01:00
e06bdcf2a3
Implement create_certificate for HTTP-01 challenge
2020-10-27 10:25:31 +01:00
3012995c76
Improve naming, make it possible to create directories recursively with SFTP
2020-10-27 10:25:31 +01:00
348d8477dd
Refactor destination plugin, to allow upload of ACME http-challenge tokens
2020-10-27 10:25:31 +01:00
d00dd9d295
Initial structure for ACME http challenge
2020-10-27 10:25:31 +01:00
3b258447db
addressing Chad's feedbakc
2020-10-26 19:16:40 -07:00
1ef6139f9b
ignore rotated certs, since there is a new cert that can be used
2020-10-26 18:34:21 -07:00
6a1b4b4857
ignore expired certs
2020-10-26 18:33:33 -07:00
709a9808aa
better structure of the query and and removing ilike
2020-10-26 18:32:53 -07:00
392725ff30
Add description check in reissue unit test
2020-10-26 15:33:20 -07:00
749aa772ba
First change to get CNAME redirection working
2020-10-26 11:57:33 -07:00
3f765b51ef
Fix sources and destinations, and allow actually updating the notification type
2020-10-26 11:27:40 -07:00
6723e3c80d
now fixing the month to minute bug
2020-10-26 11:27:40 -07:00
3290d6634b
fixing testing
2020-10-26 11:27:40 -07:00
fa62023b2d
fixing the time bug, sub-second to second, and month to minute!
2020-10-26 11:27:40 -07:00
Emmanuel Garette
d7478a5c5c
use an alternative logger for the upgrade
2020-10-25 19:24:17 +01:00
f6554a9a1e
typo, fixing abstract class complaints
2020-10-23 18:03:55 -07:00
0e02abbb37
Entrust just looks into CSR for RSA/EC key type
2020-10-23 18:03:27 -07:00
9957120a7f
adding missing import
2020-10-23 18:03:07 -07:00
7e573d6d51
fixing typo
2020-10-23 18:02:54 -07:00
6891077501
readability
2020-10-23 18:02:35 -07:00
75bc3a5b20
refactoring and adding retry
2020-10-23 18:02:05 -07:00
d233490c8a
simple retry
2020-10-23 18:01:14 -07:00
2c1e7b19a2
10x 10s delay might be too long for the load balancer request
2020-10-23 17:59:58 -07:00
2c22d42a57
Modify description during reissue
...
Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
2020-10-23 17:07:14 -07:00
3d83db6f8f
Merge branch 'master' into expanding-S3-plugin
2020-10-23 14:13:30 -07:00
30915d30be
Merge branch 'master' into log_update
2020-10-23 14:13:17 -07:00
01bd357b1c
Merge branch 'master' into sns
2020-10-23 11:38:35 -07:00
1495fb3595
now fixing the month to minute bug
2020-10-23 10:18:24 -07:00
bc6fb02fc2
fixing testing
2020-10-23 10:16:38 -07:00
e01863097b
fixing the time bug, sub-second to second, and month to minute!
2020-10-23 10:16:23 -07:00
a5cea4fb9a
Skip revoked certs when looking for certs to notify
2020-10-23 09:42:03 -07:00
233f9768e8
Fix error handling
2020-10-23 09:35:46 -07:00
98962ae5f5
Merge branch 'master' into sns
2020-10-23 08:50:26 -07:00
41ac43013d
Merge branch 'master' into notification-plugin-field-fix
2020-10-23 08:43:29 -07:00
2b274f723a
Merge branch 'master' into improved-logging
2020-10-23 07:59:30 -07:00
71df6b8560
Fix plugin field on notification edit
2020-10-22 18:15:26 -07:00
8610af8b83
more precise language
2020-10-22 17:54:46 -07:00
820106e333
Merge branch 'master' into expanding-S3-plugin
2020-10-22 17:35:20 -07:00
9ce0010bf1
handle_respone can also handle the no data response
2020-10-22 17:33:39 -07:00
cf87e178c8
making lint happy
2020-10-22 17:33:02 -07:00
97f80b79dc
adjusting digicert test to support seconds
2020-10-22 17:23:33 -07:00
9acd974b74
fixing the test to support seconds
2020-10-22 17:20:47 -07:00
ae1e9d120b
consistent messaging
2020-10-22 17:13:58 -07:00
2e7652962c
refactoring of the error handling
2020-10-22 17:11:02 -07:00
1c96ea9ab1
better messaging of exceptions
2020-10-22 17:10:32 -07:00
02c040865d
more meaningful message
2020-10-22 16:05:29 -07:00
8fa90a2ce5
digicert expects also seconds, though not yet honoring it
2020-10-22 16:01:09 -07:00
c60645bec4
improved logging for all responses
2020-10-22 16:00:26 -07:00
c2fe2b5e03
improved logging for all responses
2020-10-22 15:59:59 -07:00
03d1af16e7
better logging for exceptions around all plugins
2020-10-22 15:59:38 -07:00
2b876f22a5
Merge branch 'master' into log_update
2020-10-22 12:00:51 -07:00
2e7e3a82fa
Update cli.py
...
logging in exception
2020-10-22 11:57:54 -07:00
c40ecd12cb
improved naming
2020-10-22 10:58:16 -07:00
2cc03088cd
creating a celery task
2020-10-21 19:53:08 -07:00
a4dba0cb35
creating a cli to handle entrust deactivation
2020-10-21 19:52:51 -07:00
906b3b2337
better handling of status code
2020-10-21 19:52:25 -07:00
92eec5cc9c
revocation should only check for not expired and not revoked certs
2020-10-21 18:52:55 -07:00
adf8f37718
Merge branch 'master' into log_update
2020-10-21 16:03:46 -07:00
43483cb1c7
Check if present - Organization, State, Country
2020-10-21 15:44:53 -07:00
757e190b60
Check if OU and L is present in subject
...
fixing index out of range
2020-10-21 12:11:41 -07:00
Emmanuel Garette
9374adaa46
do not create db_upgrade.log during migrations
2020-10-21 11:17:54 +02:00
4997165235
Removing ECC 192 and 521 from UI
...
not CAB supported. Keeping 521 for authority
2020-10-20 17:59:50 -07:00
01dddd2a55
iterate over subject details
2020-10-20 17:17:28 -07:00
788703ce12
Fix cert reissue when L/OU is not set
...
get_certificate_primitives complains with None L/OU
2020-10-20 16:44:17 -07:00
1fc9cd2ff8
Merge branch 'master' into sns
2020-10-20 12:13:51 -07:00
4f552cb636
Code cleanup
2020-10-20 12:02:36 -07:00
d6075ebc11
Merge
2020-10-20 11:48:54 -07:00
855baadfee
Show only few supported ECC algorithms on UI
2020-10-19 17:42:52 -07:00
669a4273c2
Merge branch 'master' of github.com:jtschladen/lemur into sns
2020-10-19 16:29:33 -07:00
b5f0fc5a19
Fix syntax error
2020-10-19 15:21:34 -07:00
ecd4d6ebe3
Change string formatting pattern
2020-10-19 15:12:48 -07:00
af3afe36e1
Merge branch 'master' into expanding-S3-plugin
2020-10-19 14:23:01 -07:00
e90b08b363
Correct typo and enable Slack notification test
2020-10-16 17:08:44 -07:00
6a1889787d
Correct log attributes
2020-10-16 16:30:21 -07:00
2c92fc6eb9
Merge branch 'notification-fixes' of github.com:jtschladen/lemur into notification-fixes
2020-10-16 16:22:28 -07:00
072b337f37
Restructure log messages
2020-10-16 16:21:43 -07:00
fe5d75c7f8
Merge branch 'master' into notification-fixes
2020-10-16 15:20:42 -07:00
60bb0037f0
Miscellaneous notification fixes and tests
2020-10-16 15:13:12 -07:00
dbdfa9eab8
Merge branch 'master' into expanding-S3-plugin
2020-10-16 11:35:38 -07:00
a04cce6044
Initial implementation
2020-10-16 10:40:11 -07:00
503530e935
the test requires region param for sts
2020-10-16 10:32:10 -07:00
11ce540246
formatting
2020-10-16 10:31:19 -07:00
9c04a888d8
adjusting the S3 test
2020-10-16 09:52:04 -07:00
17e528b5dd
adding testing for acme_upload method
2020-10-16 09:50:35 -07:00
d705e3ae3b
expanding the S3 destination plugin to support the acme token upload inteface
2020-10-16 09:49:56 -07:00
7d8eb1c61e
improving test
2020-10-16 09:49:26 -07:00
6aad37e1f9
cleaning up code
2020-10-16 09:49:00 -07:00
d73db59d23
revsering removing region
2020-10-16 09:48:47 -07:00
ab91d58a03
Merge branch 'master' into cab_compliant
2020-10-16 08:33:04 -07:00
55658c5f23
Add double % for escaped SQLALCHEMY_DATABASE_URI
2020-10-16 10:43:52 +02:00
bfe89e131e
adding delete and put interfaces for the S3 plugin
2020-10-15 18:13:50 -07:00
9dc476f393
Use cab_compliant option instead of authority name list
2020-10-15 10:44:46 -07:00
f38380d156
Check if option is present
2020-10-14 17:38:32 -07:00
4d5e712e85
Remove option reset from test
2020-10-14 15:40:23 -07:00
ee1d07000a
Test subject details in reissue with cab_compliant option
2020-10-14 14:49:53 -07:00
90839b4d4b
Unit test for cab_compliant = true
2020-10-14 14:49:53 -07:00
62d099b500
Unit tests to check cab_compliant option
2020-10-14 12:41:56 -07:00
409e12a9d6
Update models.py
...
lint
2020-10-14 10:03:44 -07:00
894e35b4e2
Update schemas.py
...
minor language
2020-10-14 09:48:40 -07:00
97cf54433b
Update models.py
...
language
2020-10-14 09:45:13 -07:00
82dd663942
Moving default key_type to getDefaults
2020-10-13 19:40:32 -07:00
28381737dc
Removed OU from digicert plugin
2020-10-13 19:40:15 -07:00
b677e6e325
Copy subject details for non-CAB-compliant authorities
2020-10-13 19:40:01 -07:00
5db1d31668
Merge branch 'master' into removing-outdated-language
2020-10-12 10:22:53 -07:00
817fc3f0fe
Merge branch 'master' into feature/store-acme-account-details
2020-10-11 14:37:31 +02:00
4c7b429001
Merge branch 'master' into ui_changes
2020-10-09 18:05:33 -07:00
770339f94c
cleaning up outdated phrases
2020-10-09 18:04:16 -07:00
fb4df8865b
Formatting changes and typo
2020-10-09 17:58:03 -07:00
0fc050e17b
Merge branch 'master' into dymanic-digicert-ICAs
2020-10-09 17:53:54 -07:00
475833e8e1
Merge branch 'master' into ui_changes
2020-10-09 17:53:43 -07:00
198e20ce4f
Merge branch 'master' into dymanic-digicert-ICAs
2020-10-09 17:49:33 -07:00
d4819440af
Merge branch 'master' into entrust-plugin
2020-10-09 17:47:01 -07:00
d52e0d4e09
Certificate edit: update role and notification with owner change
2020-10-09 16:55:30 -07:00
42e9b8b627
removing the intermediary from being optional
2020-10-09 15:40:25 -07:00
e67fc09bc8
Merge branch 'entrust-plugin' of github.com:sirferl/lemur into entrust-plugin
2020-10-09 12:11:41 +02:00
5a968ffe63
Lint errors
2020-10-09 12:05:57 +02:00
cc02a0adb0
Merge branch 'master' into entrust-plugin
2020-10-09 11:56:47 +02:00
d43e240a2a
dded ELIF at determine_end_date, becuase of error.
2020-10-09 11:41:44 +02:00
a6a4f458e0
added Tests and removed problems in test-setup
2020-10-09 11:35:04 +02:00
d5ce38bf71
lint error fix - remove whitespace
2020-10-08 12:50:30 -07:00
8928e04385
Fix disable notify
2020-10-08 11:38:52 -07:00
1a270cd315
switching from static DigiCert ICAs to dynamic ones to support:
...
https://knowledge.digicert.com/alerts/DigiCert-ICA-Update.html
2020-10-07 20:06:20 -07:00
4f696abb5d
adding util method to convert PKCS7 to pem
2020-10-07 20:03:46 -07:00
b7d0e62844
Make location optional
...
Remove form validation and default value in input schema
2020-10-07 13:31:23 -07:00
57534d86cd
Disable account saving by default
2020-10-07 12:28:22 +02:00
8353396940
Improve tests
2020-10-07 12:28:22 +02:00
9abd3e97e7
Add test loading acme account from authority
2020-10-07 12:28:22 +02:00
bf66de0bfd
Add Test for saving the accound details
2020-10-07 12:28:22 +02:00
e0708410d0
Add store_account value to options in test_setup_acme_client_success
2020-10-07 12:28:22 +02:00
7e6fb740b3
Fix flake8/linting errors
2020-10-07 12:28:22 +02:00
eed628dbab
Implement storage of acme account
2020-10-07 12:28:22 +02:00
898b5da661
Add store_account option to acme plugin
2020-10-07 12:28:22 +02:00
e64e2a41d5
Add update_options to authorities service
2020-10-07 12:28:22 +02:00
c72661a87f
Removing hardcoded name
2020-10-06 18:50:37 -07:00
6b96aefa21
Authority create: Email added to subject DN for cloudCA
2020-10-06 18:35:28 -07:00
ea513f465f
Remove bit length check from last query
2020-09-29 16:33:10 -07:00
b9100dbf29
Merge branch 'master' of github.com:Netflix/lemur into key_type_column
2020-09-29 10:25:54 -07:00
d7fc84f6e9
Fix dns-providers type missing from schema
2020-09-29 14:36:31 +02:00
aaff0f7581
Fixing UT for key_type on upload schema
2020-09-28 19:03:21 -07:00
7a226241db
Add key_type to CertificateUploadInputSchema
...
Parse cert body to determine algo
2020-09-28 18:13:00 -07:00
96eada297f
lint
2020-09-28 14:40:56 -07:00
0fa136e7a4
Merge branch 'master' into remove-test-secrets
2020-09-25 17:19:39 -07:00
8f1c966079
Merge branch 'master' into remove-test-secrets
2020-09-25 12:48:28 -07:00
d49edd886b
language
2020-09-25 12:32:33 -07:00
e871c5eb18
Update conf.py
2020-09-25 12:30:37 -07:00
57457bfe78
Merge branch 'master' of github.com:Netflix/lemur into key_type_column
2020-09-23 15:23:45 -07:00
cd13832377
Use key_type column for cert get/rotate/reissue/display
...
Added unit tests
2020-09-23 15:16:19 -07:00
4e4a7e9cab
Merge branch 'master' into entrust-revised
2020-09-23 13:33:24 -07:00
e5961146b9
session hook complains about metadata
...
+ consistent language.
2020-09-23 14:22:58 -06:00
12af0ecb45
UT get_key_type_from_certificate
2020-09-23 11:46:38 -07:00
710290f590
Formatting changes
2020-09-23 11:45:36 -07:00
19b693f636
Update c301c59688d2_.py
...
language
2020-09-23 10:21:23 -07:00
e3fa072608
Update c301c59688d2_.py
...
language
2020-09-23 10:17:30 -07:00
921e8d8236
Add error message to the logs
2020-09-22 18:46:15 -07:00
9211178e77
Added date-time and modified log file name
2020-09-22 18:31:38 -07:00
8de9842092
Backfill the key_type column: DB Upgrade
2020-09-22 18:22:45 -07:00
1632b4b078
making lint happy, running make test-python doesn't run lint
2020-09-18 21:58:53 -07:00
21e9a4508d
TypeError: 'float' object cannot be interpreted as an integer
2020-09-18 17:42:28 -07:00
c892cd5ae1
removing anything that remotely looks like a secret in code to set a good example
2020-09-18 17:38:52 -07:00
cc855e2758
modern python style
2020-09-18 17:16:07 -07:00
edab32d9a1
setting the required entrust configs
2020-09-18 17:03:22 -07:00
416f39222a
testing
2020-09-18 17:02:19 -07:00
fae3793255
entrrust plugin revised
2020-09-18 11:09:32 -07:00
51549ae795
Adding comment for the property to be removed
2020-09-15 17:37:58 -07:00
d8cca855e8
Merge branch 'master' of github.com:Netflix/lemur into key_type_column
2020-09-15 15:16:13 -07:00
5ae65c2c4d
Remove unused import
2020-09-15 14:55:04 -07:00
676562ffde
Match column type to db schema
...
No functional change
2020-09-14 18:13:35 -07:00
02d711282d
New column key_type
...
commenting conflicting property for now
2020-09-14 18:12:33 -07:00
02c7a5ca7c
another round of lint errors
2020-09-14 16:34:56 +02:00
e011cc9251
added several enhancements following advice from peer
2020-09-14 16:24:53 +02:00
9778eb7b25
fixed lint errors
2020-09-14 15:56:02 +02:00
5bb0143da4
lint errors and removed _path from the API-Cert variables
2020-09-14 15:42:36 +02:00
84496b0f55
fixed a few problems
2020-09-14 15:18:46 +02:00
b8e3162c5f
added revoke functionality
2020-09-14 14:20:11 +02:00
b337b27146
added response handler
2020-09-14 12:23:58 +02:00
01678a714f
added required vars check
2020-09-14 09:50:55 +02:00
8adca442e1
Merge branch 'master' into entrust-plugin
2020-09-11 17:11:57 -07:00
09a2a8fc76
Log message change
...
PR comments
2020-09-11 15:53:34 -07:00
806aeddd87
Merge branch 'master' into validity
2020-09-11 10:09:01 -07:00
6e588f9c7b
Merge branch 'master' into validity
2020-09-11 09:06:11 -07:00
1c9c377751
Lint errors
2020-09-11 12:31:15 +02:00
fd52438d61
yet lint errors
2020-09-11 12:30:53 +02:00
de9ad82011
Fixed Lint complaints
2020-09-11 12:24:33 +02:00
a99a84b0b2
entrust plugin inital edit
2020-09-10 16:04:31 +02:00
f47f108f43
ientrust plgin - first version
2020-09-10 16:03:29 +02:00
a7be8b6dce
adding support for different types of CSR encodings
2020-09-09 19:54:53 -07:00
4923157dc2
expanding key_type to with EC support
2020-09-09 19:54:20 -07:00
aff7ad7ea2
testing
2020-09-09 19:53:59 -07:00
60fd2134ca
removing duplicate curves, and marking them in existing mapping
2020-09-09 19:53:35 -07:00
5ab9626cbd
overwriting cn and key_type values from CSR, as they take precedence
2020-09-09 19:52:59 -07:00
6fa15c4cb3
methods to extract cn and key_type from csr
2020-09-09 19:48:21 -07:00
de0c38e9ba
mapping of curve name to key_type
2020-09-09 19:47:51 -07:00
8ad4448c85
Match date format for comparison + expected new lines
2020-09-01 12:44:49 -07:00
db4f68f0ed
Logs during cert validity truncate for digicert
2020-08-31 18:20:32 -07:00
9c4fb85dc3
Calculate dates from defaultDays in js
2020-08-31 18:19:32 -07:00
d478def98c
removing the custom key Type and doing the conversion in the backend
2020-08-31 16:35:47 -07:00
9a7a632489
using a standard curve for testing
2020-08-28 09:48:35 -07:00
9671b34485
adding support for all type of ECC curves which existing CA plugins might support
2020-08-27 14:15:14 -07:00
1fc2e29ab8
Remove 397 days validation as it causes error in API calls
...
More to come in future
2020-08-27 14:15:14 -07:00
ab4cda2298
Extended ADCS_TEMPLATE_ Variable
...
If there is a config variable ADCS_TEMPLATE_<upper(authority.name)> take the value as Cert template else default to ADCS_TEMPLATE to be compatible with former versions
2020-08-27 14:15:14 -07:00
7a9500eee0
Lint error fix
2020-08-27 14:15:14 -07:00
5ed109e998
Max end date as per start date + default validity 3 years
2020-08-27 14:15:14 -07:00
7011a4df8b
max date on UI as per max validity configs
2020-08-27 14:15:14 -07:00
4d7c6844e5
Make Organizational Unit optional
2020-08-27 14:15:14 -07:00
2645c4a82d
mention 397 for digicert plugin
2020-08-27 14:15:14 -07:00
3cb386cc0f
maximum 1 year validity for digicert
2020-08-27 14:15:14 -07:00
e06dea106f
Modify unit test test_determine_end_date to match new config
2020-08-27 14:15:14 -07:00
d7d483fa9b
Renaming PUBLIC_CA to PUBLIC_CA_AUTHORITY_NAMES
2020-08-27 14:15:14 -07:00
25125f3257
Cert validity should not exceed 397 days for publicly trusted issuers
2020-08-27 14:15:14 -07:00
404d213e8f
Modified cert description to have cert id being cloned
2020-08-27 14:15:14 -07:00
e75e472a1a
Do not inherit replacement info during cert clone
2020-08-27 14:15:14 -07:00
69b64c63ea
Honor selected algorithm during certificate cloning
2020-08-27 14:15:14 -07:00
f4bcd1cf30
lack of an empty config file was resulting into this error
...
```
Traceback (most recent call last):
File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
self.acme.request_certificate(mock_acme, [], mock_order)
File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
2020-08-27 14:15:14 -07:00
5a6e4e5b43
Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore.
...
https://letsencrypt.org/certificates/
Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html
This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
2020-08-27 14:15:14 -07:00
c169ad291e
adding the correct signing algorithm, and a missing key Type
2020-08-27 13:29:56 -07:00
3242fc1e13
Validity with radio buttons
2020-08-26 19:30:12 -07:00
6aedd3b0d8
Datepicker enhancements
2020-08-25 18:40:36 -07:00
3efe14c43f
Remove 397 days validation as it causes error in API calls
...
More to come in future
2020-08-25 16:26:20 -07:00
4f148f3bc3
Merge branch 'master' into master
2020-08-20 11:33:18 +02:00
1b73b1d080
Merge branch 'master' into master
2020-08-19 12:29:02 +02:00
c2116df652
Extended ADCS_TEMPLATE_ Variable
...
If there is a config variable ADCS_TEMPLATE_<upper(authority.name)> take the value as Cert template else default to ADCS_TEMPLATE to be compatible with former versions
2020-08-19 12:25:52 +02:00
5b96b3a032
Lint error fix
2020-08-18 20:03:15 -07:00
240f0b99c8
Max end date as per start date + default validity 3 years
2020-08-18 19:34:59 -07:00
bc5579e9bf
max date on UI as per max validity configs
2020-08-18 14:50:42 -07:00
5b3f40467b
Make Organizational Unit optional
2020-08-18 14:50:42 -07:00
6ff8910f87
mention 397 for digicert plugin
2020-08-11 18:53:19 -07:00
d7ca1570be
maximum 1 year validity for digicert
2020-08-11 18:02:42 -07:00
bde2829e72
Modify unit test test_determine_end_date to match new config
2020-08-11 17:10:29 -07:00
18a3514974
Renaming PUBLIC_CA to PUBLIC_CA_AUTHORITY_NAMES
2020-08-10 18:06:45 -07:00
csine-nflx
charhate
sayali
Hossein Shafagh
Jasmine Schladen
Chad S
Mathias Petermann
Emmanuel Garette
Jasmine Schladen
sirferl
sirferl
Hossein Shafagh