kevgliss
443eb43d1f
Adding the ability to specify a per-certificate rotation policy. ( #851 )
2017-07-12 16:46:11 -07:00
kevgliss
75787d20bc
ensuring that lemur's default user has a valid email ( #765 )
2017-04-27 09:53:35 -07:00
kevgliss
beba2ba092
Adding additional reporting and refactoring existing setup. ( #620 )
2016-12-20 12:48:14 -08:00
kevgliss
02991c70a9
Allow Lemur "start" to use the global config. ( #596 )
...
* allowing our runserver to use the config specified by -c
* Maintaining config for gunicorn
2016-12-14 13:23:50 -08:00
Marti Raudsepp
71ddbb409c
Minor documentation fixes/tweaks ( #597 )
...
Mostly typos, grammar errors and inconsistent indentation in code
examples.
Some errors detected using Topy (https://github.com/intgr/topy ), all
changes verified by hand.
2016-12-14 09:29:04 -08:00
kevgliss
968dd52f6f
Fixes ( #576 )
...
* Fixing email notification
* Adding endpoint expiration
* Fixing endpoint type for ELBs
* Allowing verisign to include additional SANs
2016-12-08 15:52:27 -08:00
kevgliss
be1415fbd4
Ensuring new cli is available ( #574 )
2016-12-08 09:11:19 -08:00
kevgliss
fc205713c8
Certificate rotation enhancements ( #570 )
2016-12-07 16:24:59 -08:00
kevgliss
e94cf6ddc9
Ensuring that certificates returned from digicert are in the proper format ( #564 )
2016-12-06 12:05:18 -08:00
kevgliss
81272a2f7a
Moving validation to server start. ( #563 )
2016-12-05 16:43:38 -08:00
kevgliss
a40bc65fd4
Default authority. ( #549 )
...
* Enabling the specification of a default authority, if no default is found then the first available authority is selected
* PEP8
* Skipping tests relying on keytool
2016-12-01 15:42:03 -08:00
kevgliss
e1bbf9d80c
Improving endpoint rotation logic ( #545 )
2016-11-30 15:11:17 -08:00
kevgliss
058d2938fb
migrating off of openssl ( #539 )
2016-11-29 11:30:44 -08:00
kevgliss
8e5323e2d7
migrating flask imports ( #525 )
2016-11-22 21:11:20 -08:00
kevgliss
d5d036b412
adding a work around for new gunicorn ( #523 )
2016-11-22 16:47:29 -08:00
kevgliss
b3aa057d58
Upgrade deps. ( #517 )
2016-11-21 14:29:20 -08:00
kevgliss
dd6d332166
Removing python2 compatibility. ( #518 )
2016-11-21 14:03:04 -08:00
kevgliss
6eca2eb147
Re-working the way audit logs work.
...
* Adding more checks.
2016-11-21 11:28:11 -08:00
kevgliss
d45e7d6b85
[WIP] - 422 elb rotate ( #493 )
...
* Initial work on certificate rotation.
* Adding ability to get additional certificate info.
* - Adding endpoint rotation.
- Removes the g requirement from all services to enable easier testing.
2016-11-18 11:27:46 -08:00
kevgliss
a616310eb7
Fixing an issue were aws certificates plugins might not have a chain. ( #512 )
2016-11-17 14:47:10 -08:00
kevgliss
3f2691c5d4
Minor fixes. ( #502 )
2016-11-16 13:23:35 -08:00
JohnTheodore
dd14fd202d
clean out ADMINS references ( #495 )
...
* add variables to the documentation forwq oauth2
* remove old reference to ADMINS to get rid of any confusion
2016-11-15 16:43:28 -08:00
kevgliss
7af68c3cc0
Adding additional metric gathering for failed sync operations. ( #488 )
2016-11-11 13:28:01 -08:00
kevgliss
a6360ebfe5
Adding pending certificate metric. ( #473 )
2016-11-01 14:24:45 -07:00
kevgliss
29a330b1f4
Orphaned certificates ( #406 )
...
* Fixing whitespace.
* Fixing syncing.
* Fixing tests
2016-07-28 13:08:24 -07:00
kevgliss
a644f45625
Adding some simplified reporting. ( #403 )
...
* Adding issuance report.
* Fixing whitespace.
2016-07-27 12:41:32 -07:00
kevgliss
c8eca56690
Closes #366 ( #387 )
2016-07-04 13:03:46 -07:00
kevgliss
fe9703dd94
Closes #284 ( #336 )
2016-06-27 14:40:46 -07:00
kevgliss
615df76dd5
Closes 262 ( #324 )
...
Moves the authority -> role relationship from a 1 -> many to a many -> many. This will allow one role to control and have access to many authorities.
2016-05-19 13:37:05 -07:00
kevgliss
112c6252d6
Adding password reset command to the cli. ( #325 )
2016-05-19 10:07:15 -07:00
kevgliss
52f44c3ea6
Closes #278 and #199 , Starting transition to marshmallow ( #299 )
...
* Closes #278 and #199 , Starting transition to marshmallow
2016-05-05 12:52:08 -07:00
kevgliss
b9fe359d23
Fixes #285 Renames sync_sources function to sync to align documentation.
2016-04-25 11:21:25 -07:00
kevgliss
48f8b33d7d
Adding a rolling metric count
2016-01-11 15:26:32 -08:00
kevgliss
053167965a
Adding command to transparently rotate the chain on an ELB
2016-01-10 14:20:36 -08:00
Matthias Hähnel
8bb9a8c5d1
Define ACTIVE_PROVIDERS in default config
...
The configuration item ACTIVE_PROVIDERS must be initialized
Workaround for this error:
2015-12-30 13:58:48,073 ERROR: Internal Error [in /www/lemur/local/lib/python2.7/site-packages/flask_restful/__init__.py:299]
Traceback (most recent call last):
File "/www/lemur/local/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/www/lemur/local/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/www/lemur/local/lib/python2.7/site-packages/flask_restful/__init__.py", line 462, in wrapper
resp = resource(*args, **kwargs)
File "/www/lemur/local/lib/python2.7/site-packages/flask/views.py", line 84, in view
return self.dispatch_request(*args, **kwargs)
File "/www/lemur/local/lib/python2.7/site-packages/flask_restful/__init__.py", line 572, in dispatch_request
resp = meth(*args, **kwargs)
File "/www/lemur/lemur/auth/views.py", line 276, in get
for provider in current_app.config.get("ACTIVE_PROVIDERS"):
TypeError: 'NoneType' object is not iterable
2015-12-30 14:56:59 +01:00
kevgliss
6211b126a9
Fixing py3 syntax error
2015-12-18 11:01:08 -05:00
kevgliss
54c3fcc72a
Adding rotate command
2015-12-17 23:17:27 -05:00
kevgliss
0453afcb0e
Fixing issuer where roles were not added correctly to user.
2015-10-26 10:59:20 -07:00
Robert Picard
40eb950e94
Use MultiFernet for encryption
...
Facilitates key rotation and uses more secure encryption than what
sqlalchemy-utils does.
Fixes #117 and #119 .
2015-10-13 16:58:58 -07:00
kevgliss
a20726a301
Fixing python 3.x syntax error
2015-10-06 13:11:24 -07:00
kevgliss
168f46a436
Adding the ability to track a certificates signing key algorithm
2015-10-06 12:51:59 -07:00
kevgliss
fc0a884d5f
Cleaning up unneed/unused files
2015-09-20 09:49:16 -07:00
kevgliss
1e314b505f
fixing keyerror
2015-09-08 18:18:14 -07:00
kevgliss
ef9a80ebfd
adding actual recipients
2015-09-08 18:03:18 -07:00
kevgliss
84d0afae4c
fixing email internvals
2015-09-08 17:56:20 -07:00
kevgliss
48a53ad436
fixing error in default password creation
2015-09-08 17:42:57 -07:00
kevgliss
2f4aee49e2
adding logging
2015-09-08 10:56:23 -07:00
kevgliss
f3f5b9eeb3
adding password commandline option
2015-09-08 10:56:23 -07:00
kevgliss
9da713ab06
cleaning up references to netflix
2015-09-04 15:29:57 -07:00
kevgliss
3b109ec578
Cleaning up temporary file creation, and revocation checking
2015-09-02 09:19:06 -07:00