Curtis Castrapel
544a02ca3f
Addressing comments. Updating copyrights. Added function to determine authorative name server
2018-05-29 10:23:01 -07:00
Curtis Castrapel
a9b9b27a0b
fix tests
2018-05-10 12:58:04 -07:00
Curtis Castrapel
52e7ff9919
Allow specification of dns provider name only
2018-05-10 12:58:04 -07:00
Curtis Castrapel
6500559f8e
Fix issue with automatically renewing acme certificates
2018-05-08 14:54:10 -07:00
Curtis Castrapel
e68b3d2cbd
0.7 release
2018-05-07 09:58:24 -07:00
Curtis Castrapel
1be3f8368f
dyn support
2018-05-04 15:01:01 -07:00
Curtis Castrapel
3e64dd4653
Additional work
2018-05-04 15:01:01 -07:00
Curtis Castrapel
7704f51441
Working acme flow. Pending DNS providers UI
2018-04-24 09:38:57 -07:00
Curtis Castrapel
44e3b33aaa
More stuff. Will prioritize this more next week
2018-04-20 14:49:54 -07:00
Curtis Castrapel
18c64fafe4
address comment
2018-02-27 12:34:18 -08:00
Curtis Castrapel
77a1600c13
Fix cloned notifications
2018-02-27 10:57:43 -08:00
kevgliss
bb08b1e637
Initial work allowing certificates to be revoked. ( #941 )
...
* Initial work allowing for certificates to be revoked.
2017-09-28 18:27:56 -07:00
Marti Raudsepp
54ff4cddbf
Disallow issuing certificates from inactive authority ( #936 )
2017-09-25 15:34:49 -07:00
Marti Raudsepp
97d83890e0
Various minor cleanups and fixes ( #938 )
...
* Documentation fixes
* Various docstring and help string fixes
* Minor code cleanups
* Removed redundant .gitignore entry, ignored package-lock.json.
* 'return' statement in certificates.service.render was redundant
* Split up too long line
* Non-matching tags in templates
2017-09-25 15:33:42 -07:00
Marti Raudsepp
7762d6ed52
Reworked sensitive domain name and restriction logic ( #878 )
...
* This is a fix for a potential security issue; the old code had edge
cases with unexpected behavior.
* LEMUR_RESTRICTED_DOMAINS is no more, instead LEMUR_WHITELISTED_DOMAINS
is a list of *allowed* domain name patterns. Per discussion in PR #600
* Domain restrictions are now checked everywhere: in domain name-like
CN (common name) values and SAN DNSNames, including raw CSR requests.
* Common name values that contain a space are exempt, since they cannot
be valid domain names.
2017-08-16 19:24:49 -07:00
kevgliss
443eb43d1f
Adding the ability to specify a per-certificate rotation policy. ( #851 )
2017-07-12 16:46:11 -07:00
kevgliss
5a4806bc43
Allowing description to be optional. ( #826 )
2017-06-01 17:09:04 -07:00
Michael Treacher
ce5a45037a
Fix for status representation in the view ( #778 )
2017-05-05 11:04:40 -07:00
kevgliss
9c9ca37586
Enabling hex serial numbers without breaking backward compatibility. ( #779 )
...
* Enabling hex serial numbers without breaking backward compatibility.
* Fixing tests.
2017-05-05 11:04:09 -07:00
Michael Treacher
05f4ae8e58
Hexify cert serial ( #763 )
...
* Hexify serial at the serialization layer
* Fix for flakey test. Change test to test for uppercased string
2017-04-27 09:13:04 -07:00
kevgliss
fc957b63ff
Source syncing tweaks. ( #705 )
...
* Allow owner to be specified when syncing certs.
* Ensuring non-endpoint plugins don't fail to complete syncing.
* Adding in some additional error handling.
2017-03-03 14:53:56 -08:00
kevgliss
700c57b807
Rotation ui ( #633 )
...
* Adding rotation to the UI.
* Removing spinkit dependency.
2016-12-26 15:55:11 -08:00
kevgliss
ce75bba2c3
Replacement refactor. ( #631 )
...
* Deprecating replacement keyword.
* Def renaming.
2016-12-26 11:09:50 -08:00
kevgliss
cdcae4efb0
Closes #594 ( #621 )
2016-12-20 14:26:39 -08:00
kevgliss
a4b32b0d31
Fixing up notification testing ( #575 )
2016-12-08 11:33:40 -08:00
kevgliss
fc205713c8
Certificate rotation enhancements ( #570 )
2016-12-07 16:24:59 -08:00
kevgliss
81bf98c746
Enabling RSA2048 and RSA4096 as available key types ( #551 )
...
* Enabling RSA2048 and RSA4096 as available key types
* Fixing re-issuance
2016-12-01 15:41:53 -08:00
kevgliss
6fd47edbe3
Adds the ability to clone existing certificates. ( #513 )
2016-11-17 16:19:52 -08:00
kevgliss
a616310eb7
Fixing an issue were aws certificates plugins might not have a chain. ( #512 )
2016-11-17 14:47:10 -08:00
kevgliss
114deba06e
Adding the ability to silence notifications on creation. ( #490 )
2016-11-12 09:29:42 -08:00
kevgliss
e6b291d034
Time ( #482 )
...
* adding python 3.5 as a target
* adding env flag
* Aligning on arrow dates.
2016-11-09 10:56:22 -08:00
kevgliss
1ac1a44e83
San alt name ( #468 )
2016-10-31 11:00:15 -07:00
kevgliss
a8f44944b1
Closes #415
2016-10-17 23:23:14 -07:00
kevgliss
c367e4f73f
Prevents the silencing of notifications that are actively deployed. ( #454 )
...
* Renaming 'active' to 'notify' as this is clearer and more aligned to what this value is actually controlling. 'active' is now a property that depends on whether any endpoints were found to be using the certificate. Also added logic for issue #405 disallowing for a certificates' notifications to be silenced when it is actively deployed on an endpoint.
* Adding migration script to alter 'active' column.
2016-10-15 00:12:11 -07:00
kevgliss
dcb18a57c4
Adds option to restrict certificate expiration dates to weekdays. ( #453 )
...
* Adding ability to restrict certificate creation to weekdays.
* Ensuring that we test for weekends.
2016-10-15 00:04:35 -07:00
kevgliss
1ba7181067
Fixed an issue were default notifications were added even when updati… ( #395 )
...
* Fixed an issue were default notifications were added even when updating a certificate, resulting in duplicate notifications.
* Ensuring imported certificates get the same treatment.
2016-07-07 11:44:11 -07:00
kevgliss
54b888bb08
Adding a toy certificate authority. ( #378 )
2016-06-29 09:05:39 -07:00
kevgliss
fe9703dd94
Closes #284 ( #336 )
2016-06-27 14:40:46 -07:00
kevgliss
11f4bd503b
Fixes ( #332 )
...
* Ensuring domains are returned correctly.
* Ensuring certificates receive owner role
2016-05-24 17:10:19 -07:00
kevgliss
1ca38015bc
Fixes ( #329 )
...
* Modifying the way roles are assigned.
* Adding migration scripts.
* Adding endpoints field for future use.
* Fixing dropdowns.
2016-05-23 18:38:04 -07:00
kevgliss
656269ff17
Closes #147 ( #328 )
...
* Closes #147
* Fixing tests
* Ensuring we can validate max dates.
2016-05-23 11:28:25 -07:00
kevgliss
bd727b825d
Making roles more apparent for certificates and authorities. ( #327 )
2016-05-20 12:48:12 -07:00
kevgliss
e04c1e7dc9
Fixing a few things, adding tests. ( #326 )
2016-05-20 09:03:34 -07:00
kevgliss
1763a1a717
254 duplication certificate name ( #319 )
2016-05-16 15:59:40 -07:00
kevgliss
62b61ed980
Fixing various issues. ( #318 )
...
* Fixing various issues.
* Fixing tests
2016-05-16 11:09:50 -07:00
kevgliss
a0c8765588
Various bug fixes. ( #314 )
2016-05-12 12:38:44 -07:00
kevgliss
f9655213b3
Marshmallowing notifications. ( #308 )
2016-05-10 11:27:57 -07:00
kevgliss
df0ad4d875
Authorities marshmallow addition ( #303 )
2016-05-09 11:00:16 -07:00
kevgliss
52f44c3ea6
Closes #278 and #199 , Starting transition to marshmallow ( #299 )
...
* Closes #278 and #199 , Starting transition to marshmallow
2016-05-05 12:52:08 -07:00