Commit Graph

1021 Commits

Author SHA1 Message Date
Curtis Castrapel
87470602fd Gather more metrics on certificate reissue/rotate jobs 2019-05-08 07:48:08 -07:00
Curtis Castrapel
0eacbd42d7 Converting userinfo authorization to a config var 2019-05-07 15:31:42 -07:00
Hossein Shafagh
ff583981b1
Merge branch 'master' into aid_openid_roles_provider_integration 2019-05-07 09:06:02 -07:00
Curtis
22caaa0c95
Merge branch 'master' into fix_userinfo_authorization 2019-05-07 07:48:47 -07:00
Curtis
e65154b48e
Merge branch 'master' into develop 2019-05-07 07:36:51 -07:00
alwaysjolley
ef7a8587fe Merge branch 'lemur_vault_source' of github.com:/alwaysjolley/lemur into lemur_vault_source 2019-05-07 10:06:09 -04:00
alwaysjolley
b0c8901b0a lint cleanup 2019-05-07 10:05:01 -04:00
alwaysjolley
36ce1cc7ef
Merge branch 'master' into lemur_vault_source 2019-05-07 09:41:50 -04:00
alwaysjolley
fb3f0bd72a adding Vault Source plugin 2019-05-07 09:37:30 -04:00
Daniel Iancu
a7af3cf8d2 Fix Cloudflare DNS 2019-05-07 03:05:24 +03:00
Jose Plana
deed1b9685 Don't fail if googleGroups is not found in user profile 2019-05-06 12:30:25 +02:00
Jose Plana
2063baefc9 Fixes userinfo using Bearer token 2019-05-06 12:23:24 +02:00
Curtis Castrapel
3a1da72419 nt 2019-04-29 13:57:04 -07:00
Curtis Castrapel
6e3f394cff Updated requirements ; Revert change and require DNS validation by provider 2019-04-29 13:55:26 -07:00
Curtis Castrapel
1a90e71884 Move ACME host validation logic prior to R53 host modification 2019-04-26 17:27:44 -07:00
Curtis Castrapel
333ba8030a Ensure hostname is lowercase when comparing DNS challenges. ACME will automatically lowercase the hostname 2019-04-26 15:45:04 -07:00
Curtis Castrapel
1a3ba46873 More retry changes 2019-04-26 10:18:54 -07:00
Curtis Castrapel
1e64851d79 Strip out self-polling logic and rely on ACME; Enhance ELB logging and retries 2019-04-26 10:16:18 -07:00
Curtis
8eef95b58e
Merge branch 'master' into expose_verisign_exception 2019-04-25 19:15:55 -07:00
Curtis Castrapel
dcdfb32883 Expose verisign exceptions 2019-04-25 19:14:15 -07:00
Curtis Castrapel
39584f214b Process DNS Challenges appropriately (1 challenge -> 1 domain) 2019-04-25 15:12:52 -07:00
Curtis Castrapel
2bc604e5a9 Better metrics and error reporting 2019-04-25 13:50:41 -07:00
Curtis Castrapel
272285f64a Better exception handling, logging, and metrics for ACME flow 2019-04-24 15:26:23 -07:00
Curtis
0f9b0f39f7
Merge branch 'master' into add-pending-certificate-upload 2019-04-24 09:34:35 -07:00
alwaysjolley
a801112cf6
Merge branch 'master' into lemur_vault_plugin 2019-04-23 07:07:39 -04:00
alwaysjolley
85efb6a99e cleanup tmp files 2019-04-23 07:06:52 -04:00
Hossein Shafagh
9b38761153
Merge branch 'master' into add-pending-certificate-upload 2019-04-22 11:47:02 -07:00
alwaysjolley
f9dadb2670 fixing validation 2019-04-22 09:38:44 -04:00
alwaysjolley
8dccaaf544 simpler validation 2019-04-22 07:58:01 -04:00
alwaysjolley
1667c05742 removed unused functions 2019-04-18 13:57:10 -04:00
alwaysjolley
b39e2e3f66 Merge branch 'master' into lemur_vault_plugin 2019-04-18 13:55:45 -04:00
alwaysjolley
fb3b0e8cd7 adding regex filtering 2019-04-18 13:52:40 -04:00
Jose Plana
7dd9268ca7 Allow uploading a signed cert for a pending certificate. 2019-04-18 00:46:39 +02:00
Curtis
8177e12f3f
Merge branch 'master' into rewrite-java-keystore-use-pyjks 2019-04-17 10:43:44 -07:00
Hossein Shafagh
52f939658f
Merge branch 'master' into rewrite-java-keystore-use-pyjks 2019-04-17 10:31:58 -07:00
Curtis
f6afcc6d21
Merge branch 'master' into master 2019-04-17 10:28:46 -07:00
Javier Ramos
58dd424de8
Prevent potential NoneType not subscriptable
Fix when data['extensions']['subAltNames']['names'] is none
2019-04-17 18:33:52 +02:00
Jose Plana
771f2ebc47 Use SAN_CERT_CSR 2019-04-13 11:01:36 +02:00
Jose Plana
770729a72e Allow csr to be empty during upload 2019-04-13 01:17:12 +02:00
Hossein Shafagh
2ff811ae71 updating cryptography API call, to create right signing algorithm object. 2019-04-13 00:57:48 +02:00
Hossein Shafagh
09796cf7c9 the check_cert_signature() method was attempting to compare RSA and ECC signatures.
If a ec public-key certificate is signed with an RSA key, then it can't be a self-signed certificate, in which case we just raise InvalidSignature.
2019-04-13 00:57:48 +02:00
Jose Plana
406753fcde Fix PEP8 2019-04-13 00:49:35 +02:00
Jose Plana
a5570d07bc Added some documentation for API users. 2019-04-13 00:48:19 +02:00
Jose Plana
c1b02cc8a5 Allow uploading csr along with certificates 2019-04-13 00:48:19 +02:00
Hossein Shafagh
df8d4e0892
Merge branch 'master' into rewrite-java-keystore-use-pyjks 2019-04-12 09:38:50 -07:00
Hossein Shafagh
ceb335f3ab
Merge branch 'master' into master 2019-04-12 09:38:41 -07:00
alwaysjolley
9ecc19c481 adding san filter 2019-04-12 09:53:06 -04:00
Hossein Shafagh
6d67ec7e34 removing unused import 2019-04-11 17:34:02 -07:00
Hossein Shafagh
512e1a0bdd fixing typos 2019-04-11 17:17:28 -07:00
Hossein Shafagh
6ec84a398c checking for None 2019-04-11 17:13:47 -07:00