Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,057 Commits 4 Branches 45 Tags 7.5 MiB
Commit Graph

163 Commits

Author SHA1 Message Date
Chad S f7938bf226
Merge branch 'master' into stats_whitelist_01 2021-03-17 11:06:24 -07:00
Hossein Shafagh e530664da6 exclude revoked certs from default to auto-rotate 2021-03-04 19:11:20 -08:00
csine-nflx 377ba25413 Adding allow_list to stats endpoint 2021-02-22 14:56:34 -08:00
Hossein Shafagh 5fb98f747c comment 2021-01-29 15:45:51 -08:00
sayali ba050028ca Paginate valid certificate fetch API 2021-01-06 11:28:18 -08:00
sayali 8f16402c0a Config to change algo to ECC during reissue 2021-01-05 18:13:09 -08:00
Jasmine Schladen 576c69c8e5 Fix DB query for cert count for authority 2020-12-03 17:56:39 -08:00
Jasmine Schladen 42957cffc7 PR feedback: add config option to enable rotation emails, add cert count and type to email 2020-12-03 16:10:36 -08:00
sayali 7a1f13dcb5 CRL Reason for certificate revoke 2020-11-30 20:06:37 -08:00
sayali 1207de8925 Remove certificate from AWS and cleanup after cert revoke 2020-11-23 15:24:11 -08:00
sayali 206d010c9a Version updates and making lint happy 2020-11-04 18:23:39 -08:00
charhate 95b647ee1d
Merge branch 'master' into ecc_changes 2020-10-28 13:54:14 -07:00
Hossein Shafagh 10aa02fd85 more compact design, thanks to Chad for the feedback 2020-10-27 14:42:51 -07:00
Hossein Shafagh 54c2245115 comments 2020-10-27 12:47:35 -07:00
Hossein Shafagh d59a558d58 adopting ilike and not relying on == 
reducing redundancy
 2020-10-27 12:44:38 -07:00
Hossein Shafagh 3b258447db addressing Chad's feedbakc 2020-10-26 19:16:40 -07:00
Hossein Shafagh 1ef6139f9b ignore rotated certs, since there is a new cert that can be used 2020-10-26 18:34:21 -07:00
Hossein Shafagh 6a1b4b4857 ignore expired certs 2020-10-26 18:33:33 -07:00
Hossein Shafagh 709a9808aa better structure of the query and and removing ilike 2020-10-26 18:32:53 -07:00
sayali 2c22d42a57 Modify description during reissue 
Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
 2020-10-23 17:07:14 -07:00
Hossein Shafagh 2b274f723a
Merge branch 'master' into improved-logging 2020-10-23 07:59:30 -07:00
Hossein Shafagh 03d1af16e7 better logging for exceptions around all plugins 2020-10-22 15:59:38 -07:00
Hossein Shafagh 92eec5cc9c revocation should only check for not expired and not revoked certs 2020-10-21 18:52:55 -07:00
sayali fb4df8865b Formatting changes and typo 2020-10-09 17:58:03 -07:00
sayali d52e0d4e09 Certificate edit: update role and notification with owner change 2020-10-09 16:55:30 -07:00
sayali 8928e04385 Fix disable notify 2020-10-08 11:38:52 -07:00
Hossein Shafagh c40d297735
Merge branch 'master' into ilabun/optimize-certificates-sql 2020-06-09 14:20:31 -07:00
Hossein Shafagh 8f16688b0a
Merge branch 'master' into check-revoke-revised 2020-05-22 17:45:50 -07:00
Hossein Shafagh 49c4a9c3b2 making the revocation to be scoped based on the authority plugin name 2020-05-22 17:29:30 -07:00
Hossein Shafagh 2582086d39
Merge branch 'master' into ilabun/optimize-certificates-sql 2020-05-21 15:39:58 -07:00
Curtis Castrapel 863af7a3e5 Making CLI command ; Running black 2020-04-28 12:16:46 -07:00
Curtis Castrapel 273c3e2793 Celery task to enable autorotate for all certificates attached to endpoints without it enabled 2020-04-28 11:52:43 -07:00
Hossein Shafagh 1d4da0e3d8 another polish 2020-03-17 16:59:09 -07:00
Hossein Shafagh ecca003ab4 improving the documentation and method naming 2020-03-17 16:55:36 -07:00
Hossein Shafagh 34d23503de fixing the data bug 2020-03-14 20:41:03 -07:00
Hossein Shafagh 593c35776c adding new methods for getting pending clean 2020-03-14 20:17:05 -07:00
Ilya Labun bc1a2cf69c Optimize certificates SQL query 
Co-authored-by: Javier Ramos <javier.ramos@booking.com>
 2020-01-13 14:43:41 +01:00
Jay Zarfoss 00a0a27826 used fixedName variable to transport db lookup optimization 2019-11-20 09:44:31 -08:00
Hossein Shafagh a13c45e9cc updating dependencies, and fixing the deprecated arrow.replaces to shift 2019-09-20 13:49:38 -07:00
Hossein Shafagh 8340e0653b making lint happy 2019-08-07 18:04:28 -07:00
Hossein Shafagh d1519343d1 improving check revoked by only considering authorities which do support revocation and also only including not expired certs 2019-08-07 17:54:10 -07:00
Hossein Shafagh 23caac5576
Merge branch 'master' into temp-ExpiredToggle-3 2019-06-21 08:59:53 -07:00
Hossein Shafagh 34cdd29a50 removing the rotation enabled requirement, to keep the endpoint generic 2019-06-20 16:06:26 -07:00
Kush Bavishi f836c6fff6 API additions for viewing expired certs as well. Default behavior modified to show only valid certs and those which have expired less than 1 month ago. 2019-06-17 14:29:48 -07:00
Hossein Shafagh 071c083eae hiding expired certs after 6 months from the main page 2019-05-30 10:21:03 -07:00
Curtis Castrapel 68fd1556b2 Black lint all the things 2019-05-16 07:57:02 -07:00
Hossein Shafagh f452a7ce68 adding a new API for faster certificate lookup. 
The new API api/1/certificates/valid returns only non-expired (not_after >= today) certs which have auto-rotate enabled:

cn is a required parameter:

http://localhost:8000/api/1/certificates/valid?filter=cn;example.com
cn can also be a database string wildcard ('%'):

http://localhost:8000/api/1/certificates/valid?filter=cn;%
owner is the additional parameter, and must be the email address of the owner:

http://localhost:8000/api/1/certificates/valid?filter=cn;example.com&owner=hossein@example.com
given owner  and a database string wildcard ('%') one can retrieve all certs for that owner, which are still valid, and have auto-rotate enabled:

http://localhost:8000/api/1/certificates/valid?filter=cn;%&owner=hossein@example.com
 2019-05-11 18:06:51 -07:00
Curtis Castrapel e33a103ca1 Allow searching for certificates by name via API 2019-05-09 14:36:56 -07:00
Hossein Shafagh 45cb0f0513
Merge branch 'master' into allow-cert-deletion 2019-03-06 09:35:10 -08:00
Curtis Castrapel dd2900bdbc Relax search;update requirements 2019-03-04 10:04:06 -08:00