Emmanuel Garette
6f7ddb3a25
WIP: add OpenSSH plugin
2020-11-14 11:50:56 +01:00
206d010c9a
Version updates and making lint happy
2020-11-04 18:23:39 -08:00
95b647ee1d
Merge branch 'master' into ecc_changes
2020-10-28 13:54:14 -07:00
10aa02fd85
more compact design, thanks to Chad for the feedback
2020-10-27 14:42:51 -07:00
54c2245115
comments
2020-10-27 12:47:35 -07:00
d59a558d58
adopting ilike and not relying on ==
...
reducing redundancy
2020-10-27 12:44:38 -07:00
3b258447db
addressing Chad's feedbakc
2020-10-26 19:16:40 -07:00
1ef6139f9b
ignore rotated certs, since there is a new cert that can be used
2020-10-26 18:34:21 -07:00
6a1b4b4857
ignore expired certs
2020-10-26 18:33:33 -07:00
709a9808aa
better structure of the query and and removing ilike
2020-10-26 18:32:53 -07:00
2c22d42a57
Modify description during reissue
...
Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
2020-10-23 17:07:14 -07:00
2b274f723a
Merge branch 'master' into improved-logging
2020-10-23 07:59:30 -07:00
03d1af16e7
better logging for exceptions around all plugins
2020-10-22 15:59:38 -07:00
92eec5cc9c
revocation should only check for not expired and not revoked certs
2020-10-21 18:52:55 -07:00
fb4df8865b
Formatting changes and typo
2020-10-09 17:58:03 -07:00
d52e0d4e09
Certificate edit: update role and notification with owner change
2020-10-09 16:55:30 -07:00
8928e04385
Fix disable notify
2020-10-08 11:38:52 -07:00
c40d297735
Merge branch 'master' into ilabun/optimize-certificates-sql
2020-06-09 14:20:31 -07:00
8f16688b0a
Merge branch 'master' into check-revoke-revised
2020-05-22 17:45:50 -07:00
49c4a9c3b2
making the revocation to be scoped based on the authority plugin name
2020-05-22 17:29:30 -07:00
2582086d39
Merge branch 'master' into ilabun/optimize-certificates-sql
2020-05-21 15:39:58 -07:00
863af7a3e5
Making CLI command ; Running black
2020-04-28 12:16:46 -07:00
273c3e2793
Celery task to enable autorotate for all certificates attached to endpoints without it enabled
2020-04-28 11:52:43 -07:00
1d4da0e3d8
another polish
2020-03-17 16:59:09 -07:00
ecca003ab4
improving the documentation and method naming
2020-03-17 16:55:36 -07:00
34d23503de
fixing the data bug
2020-03-14 20:41:03 -07:00
593c35776c
adding new methods for getting pending clean
2020-03-14 20:17:05 -07:00
bc1a2cf69c
Optimize certificates SQL query
...
Co-authored-by: Javier Ramos <javier.ramos@booking.com>
2020-01-13 14:43:41 +01:00
00a0a27826
used fixedName variable to transport db lookup optimization
2019-11-20 09:44:31 -08:00
a13c45e9cc
updating dependencies, and fixing the deprecated arrow.replaces to shift
2019-09-20 13:49:38 -07:00
8340e0653b
making lint happy
2019-08-07 18:04:28 -07:00
d1519343d1
improving check revoked by only considering authorities which do support revocation and also only including not expired certs
2019-08-07 17:54:10 -07:00
23caac5576
Merge branch 'master' into temp-ExpiredToggle-3
2019-06-21 08:59:53 -07:00
34cdd29a50
removing the rotation enabled requirement, to keep the endpoint generic
2019-06-20 16:06:26 -07:00
f836c6fff6
API additions for viewing expired certs as well. Default behavior modified to show only valid certs and those which have expired less than 1 month ago.
2019-06-17 14:29:48 -07:00
071c083eae
hiding expired certs after 6 months from the main page
2019-05-30 10:21:03 -07:00
68fd1556b2
Black lint all the things
2019-05-16 07:57:02 -07:00
f452a7ce68
adding a new API for faster certificate lookup.
...
The new API api/1/certificates/valid returns only non-expired (not_after >= today) certs which have auto-rotate enabled:
cn is a required parameter:
http://localhost:8000/api/1/certificates/valid?filter=cn;example.com
cn can also be a database string wildcard ('%'):
http://localhost:8000/api/1/certificates/valid?filter=cn;%
owner is the additional parameter, and must be the email address of the owner:
http://localhost:8000/api/1/certificates/valid?filter=cn;example.com&owner=hossein@example.com
given owner and a database string wildcard ('%') one can retrieve all certs for that owner, which are still valid, and have auto-rotate enabled:
http://localhost:8000/api/1/certificates/valid?filter=cn;%&owner=hossein@example.com
2019-05-11 18:06:51 -07:00
e33a103ca1
Allow searching for certificates by name via API
2019-05-09 14:36:56 -07:00
45cb0f0513
Merge branch 'master' into allow-cert-deletion
2019-03-06 09:35:10 -08:00
dd2900bdbc
Relax search;update requirements
2019-03-04 10:04:06 -08:00
8abf95063c
Implement a ALLOW_CERT_DELETION option (boolean, default False). When enabled, the certificate delete API call will work and the UI
...
will no longer display deleted certificates. When disabled (the default), the delete API call will not work (405 method not allowed)
and the UI will show all certificates, regardless of the 'deleted' flag.
2019-02-14 11:57:27 +01:00
8e93d007be
Merge branch 'master' into get_by_attributes
2019-02-01 16:48:50 -08:00
e24a94d798
Enforce that PEM strings (certs, keys, CSR) are internally passed as str, not bytes
...
This was already true in most places but not 100%, leading to lots of redundant checks and conversions.
2019-01-30 18:11:24 +02:00
31a86687e7
Reduce the expense of joins
2019-01-14 09:20:02 -08:00
c4e6e7c59b
Optimize DB cert filtering
2019-01-14 08:02:27 -08:00
39b76d18dc
add countdown to async call
2018-11-28 14:41:56 -08:00
e074a14ee9
unit test
2018-11-28 14:27:03 -08:00
2381d0a4bb
Add async call to create pending cert when needed
2018-11-28 11:32:52 -08:00
3ce8abe46e
Left outer join on domains tables to avoid missing results
2018-11-13 14:33:17 -08:00
Emmanuel Garette
sayali
charhate
Hossein Shafagh
Curtis Castrapel
Ilya Labun
Jay Zarfoss
Kush Bavishi
Hossein Shafagh
Ronald Moesbergen
Marti Raudsepp
Curtis Castrapel