Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,483 Commits 4 Branches 45 Tags 7.5 MiB
40f4444099
Commit Graph

240 Commits

Author SHA1 Message Date
Sakti Dwi Cahyono
520404c215 fix string -> byte conversion on python2 (#472) 2016-11-16 16:03:38 -08:00
kevgliss
94d619cfa6 Minor errors. (#484) 2016-11-10 14:34:45 -08:00
kevgliss
89470a0ce0 Adding default validity and retry logic. (#483) 2016-11-10 11:23:37 -08:00
kevgliss
e6b291d034 Time (#482) 
* adding python 3.5 as a target

* adding env flag

* Aligning on arrow dates.
 2016-11-09 10:56:22 -08:00
kevgliss
25a6c722b6 Adding digicert documentation. (#480) 2016-11-08 14:56:05 -08:00
kevgliss
aa979e31fd Digicert plugin (#478) 
* Initial work on digicert plugin.

* Adding certificate pickup, to digicert plugin.

* Removing and rotating test api key.
 2016-11-07 14:40:00 -08:00
kevgliss
b74df2b3e4 Minor changes for python3. (#477) 2016-11-07 14:33:07 -08:00
kevgliss
a6360ebfe5 Adding pending certificate metric. (#473) 2016-11-01 14:24:45 -07:00
kevgliss
d99681904e Fixing test to take python3 into account. (#460) 
* Fixing test to take python3 into account.
 2016-10-31 17:02:08 -07:00
kevgliss
1ac1a44e83 San alt name (#468) 2016-10-31 11:00:15 -07:00
Charles Hendrie
cd9c112218 Implement a CFSSL issuer plugin (#452) 
* Implement CFSSL issuer plugin

Implement a Lemur plugin for generating certificates from the open
source certificate authority CFSSL
(https://github.com/cloudflare/cfssl). The plugin interacts with CFSSL
through the CFSSL REST API. The CFSSL configuration is defined in the
lemur.conf.py property file using property names prefixed with "CFSSL_".

* Update documentation to include CFSSL plugin
 2016-10-22 00:52:18 -07:00
Mike Grima
10d833e598 Added Symantec plugin error checking for invalid domain suffix (#449) 2016-10-13 15:23:56 -07:00
Charles Hendrie
f179e74a4a Fix Java export default password generator (#441) 
When exporting a certificate, the password is an optional parameter.
When a password is not supplied by the caller, a default password is
generated by the method. The generation library creates the random
password as a bytes object. The bytes object raises an error in the
'keytool' command used to export the certificate. The keytool is
expecting the password to be a str object.

The fix is to decode the generated password from a bytes object to a str
object.

The associated Java plugin tests have been updated to verify the export
method returns the password as a str object. In addition, the tests have
been updated to correctly test the export methods response object. The
original tests treated the response as a single object. The current
export methods return a tuple of data (type, password, data).

In order to make the tests compatible with both Python2 and Python3, the
'six' library was used to test the password is in fact a string.
 2016-10-10 22:43:23 -07:00
kevgliss
72a390c563 Ensure the openssl and cryptography work under python3. (#438) 2016-10-09 00:06:15 -07:00
Charles Hendrie
5cbf5365c5 Active S3 destination plugin (#433) 
* Activate the AWS S3 destination plugin

Add the AWS S3 destination plugin to the list of available Lemur
plugins.

Update the S3 destination plugin's "accountNumber" option to be of type
'str' to handle account numbers starting with zeros.

Update Lemur's utils for parsing certificates to correctly encode the
X509 certificates before loading for python3.

* Add S3 destination plugin test

Added simple test to verify S3 destination plugin is available.
 2016-10-08 17:06:20 -07:00
kevgliss
18b99c0de4 Fixing an issue where openssl can't find the certificates to create PKCS12 files (#408) 2016-08-17 10:33:59 -07:00
kevgliss
29a330b1f4 Orphaned certificates (#406) 
* Fixing whitespace.

* Fixing syncing.

* Fixing tests
 2016-07-28 13:08:24 -07:00
kevgliss
3db669b24d Ensuring that the temporary certificate is created correctly (#400) 2016-07-12 18:07:11 -07:00
kevgliss
f38868a97f Fixing various problems with the syncing of endpoints, throttling sta… (#398) 
* Fixing various problems with the syncing of endpoints, throttling stale endpoints etc.
 2016-07-12 08:40:49 -07:00
kevgliss
74bf54cb8f Slack spruce up (#394) 
* Formatting slack message.

* Tweaking tests.
 2016-07-06 10:27:13 -07:00
kevgliss
4077893d08 Ensuring that destinations require private keys by default. (#390) 
* Ensuring that destinations require private keys by default.
 2016-07-04 15:30:20 -07:00
kevgliss
300e2d0b7d Adding plugin tests. (#385) 
* Adding plugin tests.

* Fixing some python 2/3 incompatibilities.
 2016-07-01 11:32:19 -07:00
kevgliss
9aec899bfd Fixing a few errors. 
* Fixing organizational_unit and common name

* FIxing organization name and allow creaters to view CA.
 2016-06-29 16:16:37 -07:00
kevgliss
54b888bb08 Adding a toy certificate authority. (#378) 2016-06-29 09:05:39 -07:00
kevgliss
c8447dea3d Fixing a few issues with startup. (#374) 2016-06-28 14:28:05 -07:00
kevgliss
5021e8ba91 Adding ACME Support (#178) 2016-06-27 15:57:53 -07:00
kevgliss
f846d78778 S3 destination (#371) 2016-06-27 15:11:46 -07:00
kevgliss
fe9703dd94 Closes #284 (#336) 2016-06-27 14:40:46 -07:00
mik373
b44a7c73d8 Kubernetes desination plugin (#357) 
* Kubernetes desination plugin

* fixing build warnings

* fixing build warnings
 2016-06-27 14:40:01 -07:00
kevgliss
76037e8b3a Fixing certificate names. (#337) 2016-05-27 12:00:10 -07:00
kevgliss
58e8fe0bd0 Fixes various issues. (#316) 2016-05-13 14:35:38 -07:00
kevgliss
a0c8765588 Various bug fixes. (#314) 2016-05-12 12:38:44 -07:00
Harm Weites
776e0fcd11 Slack plugin for notifications (#305) 2016-05-08 09:07:16 -07:00
kevgliss
52f44c3ea6 Closes #278 and #199, Starting transition to marshmallow (#299) 
* Closes #278  and #199, Starting transition to marshmallow
 2016-05-05 12:52:08 -07:00
kevgliss
db8243b4b4 Closes #301 2016-05-04 16:56:05 -07:00
kevgliss
9b0e0fa9c2 removing validtion from openssl 2016-04-25 16:11:37 -07:00
kevgliss
dbd1279226 Fixes #289 and #275 2016-04-21 16:22:19 -07:00
kevgliss
3f89d6d009 Merge pull request #271 from kevgliss/195 
Closes #195
 2016-04-08 12:01:10 -07:00
kevgliss
c2387dc120 Fixes an issue where custom OIDs would clear out san extensions 2016-04-07 10:29:08 -07:00
kevgliss
dbc4964e94 Fixing an issue were metrics would not be sent 2016-04-05 10:23:33 -07:00
kevgliss
62d03b0d41 Closes #216 2016-04-01 16:54:33 -07:00
kevgliss
bfcfdb83a7 Closes #195 2016-04-01 14:27:57 -07:00
kevgliss
028d86c0bb Adding a new flag to export plugins 'requires_key' that specifies whether the export plugin needs access to the private key. Defaults to True. 2016-01-29 12:45:18 -08:00
kevgliss
bd46440d12 relaxing keystore password validation 2016-01-29 10:29:04 -08:00
kevgliss
d87ace8c89 Merge pull request #211 from kevgliss/hotfix 
fixing an issue were urllib does not like unicode
 2016-01-11 10:38:45 -08:00
kevgliss
b1326d4145 fixing an issue were urllib does not like unicode 2016-01-11 10:31:58 -08:00
kevgliss
5482bbf4bd Fixing issue where we were seeing AWS API errors due to certificates not having private keys and could not be uploaded or 'synced' 2016-01-07 13:42:46 -08:00
kevgliss
b8c2d42cad Closes #176 2015-12-17 14:52:20 -08:00
kevgliss
2896ce0dad Closes #172 2015-12-16 08:18:01 -08:00
kevgliss
6d17e4d538 Fixing templates 2015-12-04 09:51:38 -08:00
kevgliss
aa18b88a61 Making the notification email template cleaner 2015-12-01 17:13:43 -08:00
kevgliss
ec896461a7 Adding final touches to #125 2015-11-30 09:47:36 -08:00
kevgliss
8eeed821d3 Adding UI elements 2015-11-27 13:27:14 -08:00
kevgliss
920d595c12 Initial work on #125 2015-11-25 14:54:08 -08:00
kevgliss
d4bc6ae7a1 Fixes #105 2015-10-02 13:46:13 -07:00
Eric Mill
baef329a4d Rename SSL to TLS 2015-09-21 18:16:19 -04:00
kevgliss
fc0a884d5f Cleaning up unneed/unused files 2015-09-20 09:49:16 -07:00
kevgliss
a563986ce4 fixing an error where dates components were not replaced in logical order 2015-09-16 11:10:09 -07:00
kevgliss
25f652c1eb fixing merge conflict 2015-09-11 08:38:48 -07:00
kevgliss
7f119e95e1 making the verisign urls more generic 2015-09-11 08:27:34 -07:00
kevgliss
9da713ab06 cleaning up references to netflix 2015-09-04 15:29:57 -07:00
kevgliss
180c8228e1 adding verisign source 2015-09-02 14:37:07 -07:00
kevgliss
efec79d8de removing silly description validation from lemur and enforcing it on the cloudca plugin (who actually cares) 2015-09-02 09:15:12 -07:00
kevgliss
62950128a2 Adding a better error message for really long common names Fixes #38 2015-09-02 09:15:11 -07:00
kevgliss
7471984ecf removing silly description validation from lemur and enforcing it on the cloudca plugin (who actually cares) 2015-08-29 13:57:07 -07:00
kevgliss
df9b345541 Adding a better error message for really long common names Fixes #38 2015-08-29 13:57:07 -07:00
Jeremy Heffner
627b36d2a5 Adding method to get existing listeners 2015-08-27 15:45:00 -07:00
Jeremy Heffner
09bc79ef84 Merge remote-tracking branch 'upstream/master' into elb-ssl-automation 2015-08-24 12:18:40 -07:00
kevgliss
75de814b15 Adding new verisign error 2015-08-24 09:43:30 -07:00
Jeremy Heffner
dbfd6b1e17 Fixing this so it pulls the named option 2015-08-21 13:09:29 -07:00
kevgliss
28e12a973f Misc fixed around certificate notifications 2015-08-19 10:07:22 -07:00
kevgliss
c6747439fb Misc fixed around certificate syncing 2015-08-18 16:17:20 -07:00
kevgliss
dd607e5c07 Making CLOUDCA_API_ENDPOINT configurable 2015-08-17 17:09:31 -07:00
kevgliss
63b1babf7b Fixing a few syntax errors 2015-08-03 21:16:55 -07:00
kevgliss
a873e5c7ea Lots of minor fixes 2015-08-03 15:52:39 -07:00
kevgliss
7d169f7c4c Fixing up some of the sync related code 2015-08-03 13:51:27 -07:00
kevgliss
0360ccc666 Cleaning up some documentation 2015-08-03 09:49:33 -07:00
kevgliss
cdb3814469 Fixing notification deduplication and roll up 2015-08-02 09:14:27 -07:00
kevgliss
d3b0822e14 updating docs with new API endpoints and plugin information 2015-07-30 22:54:59 -07:00
kevgliss
1e748a64d7 Initial support for notification plugins closes #8, closes #9, closes #7, closes #4, closes #16 2015-07-29 17:13:06 -07:00
kevgliss
c02390d63b PEP8 2015-07-23 09:08:07 -07:00
kevgliss
017eab6e39 Adding tests to AWS plugin 2015-07-23 08:52:56 -07:00
kevgliss
c75e20a1ea Pleasing the PEP8 gods 2015-07-21 13:06:13 -07:00
kevgliss
a30a8481d0 Adding support for multiple plugin types. 2015-07-10 17:09:22 -07:00
kevgliss
0c7204cdb9 Refactored 'accounts' to be more general with 'destinations' 2015-07-10 17:06:57 -07:00
kevgliss
bc6202adf7 Refactoring out static methods and removing the old SHA1 intermediate certificates. 2015-07-08 16:41:45 -07:00
kevgliss
1a2e437b33 Factoring out 'dry' run. This doesn't really make sense to have as we don't have a concept of a pre-flight request. Plugin tests should mock out their particular dependencies. 2015-07-08 16:40:46 -07:00
kevgliss
8239aa55e1 fixing conflicts 2015-07-07 16:26:37 -07:00
kevgliss
6d384f342f adding test utils 2015-07-07 15:32:55 -07:00
kevgliss
3f49bb95ff Starting to move to new plugin architecture. 2015-07-04 12:47:57 -07:00