Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,090 Commits 4 Branches 45 Tags
Commit Graph

364 Commits

Author SHA1 Message Date
Curtis Castrapel
273c3e2793 Celery task to enable autorotate for all certificates attached to endpoints without it enabled 2020-04-28 11:52:43 -07:00
Hossein Shafagh
2a2499a929 simplifying code 2020-03-26 20:45:00 -07:00
Hossein Shafagh
5206997468 expired is now called for new certs, where the not_after field might be in datetime format, and not comparable to utc 2020-03-26 19:01:07 -07:00
Hossein Shafagh
88c40aa93c
Merge branch 'master' into master 2020-03-23 20:31:16 -07:00
Hossein Shafagh
697215f8bc better handling of destination plugin errors, and also checking cert expiration before upload 2020-03-21 20:05:35 -07:00
Ilya Makarov
7bd5173da4 Merge with Netflix/lemur master 2020-03-20 20:52:33 +03:00
Hossein Shafagh
1d4da0e3d8 another polish 2020-03-17 16:59:09 -07:00
Hossein Shafagh
ecca003ab4 improving the documentation and method naming 2020-03-17 16:55:36 -07:00
Hossein Shafagh
34d23503de fixing the data bug 2020-03-14 20:41:03 -07:00
Hossein Shafagh
593c35776c adding new methods for getting pending clean 2020-03-14 20:17:05 -07:00
e11it
27a86f5c18
Fix: San values #2921 
Not sure is it correct solution
 2020-03-03 21:45:33 +03:00
Ilya Labun
5d8eb51ef4
Merge branch 'master' into ilabun/optimize-certificates-sql 2020-01-24 11:28:55 +01:00
rajatsharma94
9984470b58 fix fatal error in schema validator 2020-01-23 15:27:02 +01:00
Ilya Labun
bc1a2cf69c Optimize certificates SQL query 
Co-authored-by: Javier Ramos <javier.ramos@booking.com>
 2020-01-13 14:43:41 +01:00
Ilya Labun
189e8b2725 Eliminate subqueries when showing certificates list 2019-12-20 10:37:47 +01:00
Jay Zarfoss
00a0a27826 used fixedName variable to transport db lookup optimization 2019-11-20 09:44:31 -08:00
Hossein Shafagh
a13c45e9cc updating dependencies, and fixing the deprecated arrow.replaces to shift 2019-09-20 13:49:38 -07:00
Hossein Shafagh
8340e0653b making lint happy 2019-08-07 18:04:28 -07:00
Hossein Shafagh
d1519343d1 improving check revoked by only considering authorities which do support revocation and also only including not expired certs 2019-08-07 17:54:10 -07:00
Marti Raudsepp
2319858586 Expose new certificate field hasPrivateKey 
We can also now disable the 'private key' tab when cert doesn't have a
private key.
 2019-06-22 15:38:28 +03:00
Hossein Shafagh
23caac5576
Merge branch 'master' into temp-ExpiredToggle-3 2019-06-21 08:59:53 -07:00
Hossein Shafagh
34cdd29a50 removing the rotation enabled requirement, to keep the endpoint generic 2019-06-20 16:06:26 -07:00
Kush Bavishi
f836c6fff6 API additions for viewing expired certs as well. Default behavior modified to show only valid certs and those which have expired less than 1 month ago. 2019-06-17 14:29:48 -07:00
Hossein Shafagh
071c083eae hiding expired certs after 6 months from the main page 2019-05-30 10:21:03 -07:00
Hossein Shafagh
b4d9ab9f0c Merge branch 'master' of github.com:Netflix/lemur into improving-cert-lookup-time 2019-05-30 08:55:49 -07:00
Hossein Shafagh
13d46ae42e indexing the not after field in the cert table 2019-05-30 08:55:30 -07:00
Curtis Castrapel
f81adb1371 Make get_or_increase_name queries less demanding 2019-05-29 12:20:05 -07:00
Curtis Castrapel
68fd1556b2 Black lint all the things 2019-05-16 07:57:02 -07:00
Hossein Shafagh
f452a7ce68 adding a new API for faster certificate lookup. 
The new API api/1/certificates/valid returns only non-expired (not_after >= today) certs which have auto-rotate enabled:

cn is a required parameter:

http://localhost:8000/api/1/certificates/valid?filter=cn;example.com
cn can also be a database string wildcard ('%'):

http://localhost:8000/api/1/certificates/valid?filter=cn;%
owner is the additional parameter, and must be the email address of the owner:

http://localhost:8000/api/1/certificates/valid?filter=cn;example.com&owner=hossein@example.com
given owner  and a database string wildcard ('%') one can retrieve all certs for that owner, which are still valid, and have auto-rotate enabled:

http://localhost:8000/api/1/certificates/valid?filter=cn;%&owner=hossein@example.com
 2019-05-11 18:06:51 -07:00
Curtis Castrapel
e33a103ca1 Allow searching for certificates by name via API 2019-05-09 14:36:56 -07:00
Curtis Castrapel
87470602fd Gather more metrics on certificate reissue/rotate jobs 2019-05-08 07:48:08 -07:00
Curtis
f6afcc6d21
Merge branch 'master' into master 2019-04-17 10:28:46 -07:00
Javier Ramos
58dd424de8
Prevent potential NoneType not subscriptable 
Fix when data['extensions']['subAltNames']['names'] is none
 2019-04-17 18:33:52 +02:00
Jose Plana
770729a72e Allow csr to be empty during upload 2019-04-13 01:17:12 +02:00
Jose Plana
406753fcde Fix PEP8 2019-04-13 00:49:35 +02:00
Jose Plana
a5570d07bc Added some documentation for API users. 2019-04-13 00:48:19 +02:00
Jose Plana
c1b02cc8a5 Allow uploading csr along with certificates 2019-04-13 00:48:19 +02:00
Javier Ramos
d80a6bb405 Added tests for CSR parsing into CertificateInputSchema 2019-04-01 08:44:40 +02:00
Javier Ramos
b86e381e20 Parse SubjectAlternativeNames from CSR into Lemur Certificate 2019-03-27 13:46:33 +01:00
Curtis
4018c68d49
Merge branch 'master' into authority_validation_LE_errors 2019-03-25 08:34:10 -07:00
Curtis Castrapel
c2158ff8fb Add order URI during LE cert creation failure; Fail properly when invalid CA passed; Update reqs 2019-03-25 08:28:23 -07:00
Javier Ramos
9e5496b484
Update schemas.py 2019-03-15 10:19:25 +01:00
Javier Ramos
f7452e8379 Parse DNSNames from CSR into Lemur Certificate 2019-03-15 09:29:23 +01:00
Hossein Shafagh
93ce259fb2
Merge branch 'master' into verify-cert-chain 2019-03-07 12:46:19 -08:00
Hossein Shafagh
45cb0f0513
Merge branch 'master' into allow-cert-deletion 2019-03-06 09:35:10 -08:00
Hossein Shafagh
54ad3ba777
Merge branch 'master' into verify-cert-chain 2019-03-04 17:55:36 -08:00
Curtis Castrapel
dd2900bdbc Relax search;update requirements 2019-03-04 10:04:06 -08:00
Marti Raudsepp
10cec063c2 Check that stored certificate chain matches certificate 
Similar to how the private key is checked.
 2019-03-04 17:10:59 +02:00
Ronald Moesbergen
63de8047ce Return 'already deleted' instead of 'not found' when cert has already been deleted 2019-02-27 09:38:25 +01:00
Ronald Moesbergen
29bda6c00d Fix typo's 2019-02-14 11:58:29 +01:00