Emmanuel Garette
6f7ddb3a25
WIP: add OpenSSH plugin
2020-11-14 11:50:56 +01:00
sayali
206d010c9a
Version updates and making lint happy
2020-11-04 18:23:39 -08:00
charhate
95b647ee1d
Merge branch 'master' into ecc_changes
2020-10-28 13:54:14 -07:00
Hossein Shafagh
10aa02fd85
more compact design, thanks to Chad for the feedback
2020-10-27 14:42:51 -07:00
Hossein Shafagh
54c2245115
comments
2020-10-27 12:47:35 -07:00
Hossein Shafagh
d59a558d58
adopting ilike and not relying on ==
...
reducing redundancy
2020-10-27 12:44:38 -07:00
Hossein Shafagh
3b258447db
addressing Chad's feedbakc
2020-10-26 19:16:40 -07:00
Hossein Shafagh
1ef6139f9b
ignore rotated certs, since there is a new cert that can be used
2020-10-26 18:34:21 -07:00
Hossein Shafagh
6a1b4b4857
ignore expired certs
2020-10-26 18:33:33 -07:00
Hossein Shafagh
709a9808aa
better structure of the query and and removing ilike
2020-10-26 18:32:53 -07:00
sayali
2c22d42a57
Modify description during reissue
...
Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
2020-10-23 17:07:14 -07:00
Hossein Shafagh
2b274f723a
Merge branch 'master' into improved-logging
2020-10-23 07:59:30 -07:00
Hossein Shafagh
03d1af16e7
better logging for exceptions around all plugins
2020-10-22 15:59:38 -07:00
Hossein Shafagh
92eec5cc9c
revocation should only check for not expired and not revoked certs
2020-10-21 18:52:55 -07:00
sayali
fb4df8865b
Formatting changes and typo
2020-10-09 17:58:03 -07:00
sayali
d52e0d4e09
Certificate edit: update role and notification with owner change
2020-10-09 16:55:30 -07:00
sayali
8928e04385
Fix disable notify
2020-10-08 11:38:52 -07:00
Hossein Shafagh
c40d297735
Merge branch 'master' into ilabun/optimize-certificates-sql
2020-06-09 14:20:31 -07:00
Hossein Shafagh
8f16688b0a
Merge branch 'master' into check-revoke-revised
2020-05-22 17:45:50 -07:00
Hossein Shafagh
49c4a9c3b2
making the revocation to be scoped based on the authority plugin name
2020-05-22 17:29:30 -07:00
Hossein Shafagh
2582086d39
Merge branch 'master' into ilabun/optimize-certificates-sql
2020-05-21 15:39:58 -07:00
Curtis Castrapel
863af7a3e5
Making CLI command ; Running black
2020-04-28 12:16:46 -07:00
Curtis Castrapel
273c3e2793
Celery task to enable autorotate for all certificates attached to endpoints without it enabled
2020-04-28 11:52:43 -07:00
Hossein Shafagh
1d4da0e3d8
another polish
2020-03-17 16:59:09 -07:00
Hossein Shafagh
ecca003ab4
improving the documentation and method naming
2020-03-17 16:55:36 -07:00
Hossein Shafagh
34d23503de
fixing the data bug
2020-03-14 20:41:03 -07:00
Hossein Shafagh
593c35776c
adding new methods for getting pending clean
2020-03-14 20:17:05 -07:00
Ilya Labun
bc1a2cf69c
Optimize certificates SQL query
...
Co-authored-by: Javier Ramos <javier.ramos@booking.com>
2020-01-13 14:43:41 +01:00
Jay Zarfoss
00a0a27826
used fixedName variable to transport db lookup optimization
2019-11-20 09:44:31 -08:00
Hossein Shafagh
a13c45e9cc
updating dependencies, and fixing the deprecated arrow.replaces to shift
2019-09-20 13:49:38 -07:00
Hossein Shafagh
8340e0653b
making lint happy
2019-08-07 18:04:28 -07:00
Hossein Shafagh
d1519343d1
improving check revoked by only considering authorities which do support revocation and also only including not expired certs
2019-08-07 17:54:10 -07:00
Hossein Shafagh
23caac5576
Merge branch 'master' into temp-ExpiredToggle-3
2019-06-21 08:59:53 -07:00
Hossein Shafagh
34cdd29a50
removing the rotation enabled requirement, to keep the endpoint generic
2019-06-20 16:06:26 -07:00
Kush Bavishi
f836c6fff6
API additions for viewing expired certs as well. Default behavior modified to show only valid certs and those which have expired less than 1 month ago.
2019-06-17 14:29:48 -07:00
Hossein Shafagh
071c083eae
hiding expired certs after 6 months from the main page
2019-05-30 10:21:03 -07:00
Curtis Castrapel
68fd1556b2
Black lint all the things
2019-05-16 07:57:02 -07:00
Hossein Shafagh
f452a7ce68
adding a new API for faster certificate lookup.
...
The new API api/1/certificates/valid returns only non-expired (not_after >= today) certs which have auto-rotate enabled:
cn is a required parameter:
http://localhost:8000/api/1/certificates/valid?filter=cn;example.com
cn can also be a database string wildcard ('%'):
http://localhost:8000/api/1/certificates/valid?filter=cn;%
owner is the additional parameter, and must be the email address of the owner:
http://localhost:8000/api/1/certificates/valid?filter=cn;example.com&owner=hossein@example.com
given owner and a database string wildcard ('%') one can retrieve all certs for that owner, which are still valid, and have auto-rotate enabled:
http://localhost:8000/api/1/certificates/valid?filter=cn;%&owner=hossein@example.com
2019-05-11 18:06:51 -07:00
Curtis Castrapel
e33a103ca1
Allow searching for certificates by name via API
2019-05-09 14:36:56 -07:00
Hossein Shafagh
45cb0f0513
Merge branch 'master' into allow-cert-deletion
2019-03-06 09:35:10 -08:00
Curtis Castrapel
dd2900bdbc
Relax search;update requirements
2019-03-04 10:04:06 -08:00
Ronald Moesbergen
8abf95063c
Implement a ALLOW_CERT_DELETION option (boolean, default False). When enabled, the certificate delete API call will work and the UI
...
will no longer display deleted certificates. When disabled (the default), the delete API call will not work (405 method not allowed)
and the UI will show all certificates, regardless of the 'deleted' flag.
2019-02-14 11:57:27 +01:00
Hossein Shafagh
8e93d007be
Merge branch 'master' into get_by_attributes
2019-02-01 16:48:50 -08:00
Marti Raudsepp
e24a94d798
Enforce that PEM strings (certs, keys, CSR) are internally passed as str, not bytes
...
This was already true in most places but not 100%, leading to lots of redundant checks and conversions.
2019-01-30 18:11:24 +02:00
Curtis Castrapel
31a86687e7
Reduce the expense of joins
2019-01-14 09:20:02 -08:00
Curtis Castrapel
c4e6e7c59b
Optimize DB cert filtering
2019-01-14 08:02:27 -08:00
Curtis Castrapel
39b76d18dc
add countdown to async call
2018-11-28 14:41:56 -08:00
Curtis Castrapel
e074a14ee9
unit test
2018-11-28 14:27:03 -08:00
Curtis Castrapel
2381d0a4bb
Add async call to create pending cert when needed
2018-11-28 11:32:52 -08:00
Curtis Castrapel
3ce8abe46e
Left outer join on domains tables to avoid missing results
2018-11-13 14:33:17 -08:00