Commit Graph

3114 Commits

Author SHA1 Message Date
Marti Raudsepp 0f3ffaade0 Fall back to CN for CA name when organization is not available (#607)
In-house CAs may not have the organization field filled out.
2016-12-16 16:27:25 -08:00
kevgliss 156b98f7f0 Ensuring that rotation only happens for certificates with endpoints to rotate. (#606) 2016-12-15 15:20:21 -08:00
kevgliss a09faac9a7 Endpoint sync fixes (#604) 2016-12-15 10:26:59 -08:00
kevgliss d20c552248 Fixing issues with rotation. (#603)
* Fixing issues with rotation.

* Fixing tests
2016-12-14 17:30:13 -08:00
Doppins f7fdf7902d Upgrade dependency boto to ==2.45.0 (#601) 2016-12-14 16:53:47 -08:00
Marti Raudsepp b327963925 Plugin base classes: update method signatures & fix raise (#598)
This way IDEs can verify method overrides in subclasses, otherwise these
are flagged as erroneous.

Changed base classes to properly raise NotImplementedError; previously
they would cause "TypeError: exceptions must derive from BaseException"

Also fixed exception handling in sources.service.clean().
2016-12-14 13:42:29 -08:00
Marti Raudsepp 1eb3d563c6 Fix error reporting for certs without private key (#599) 2016-12-14 13:25:56 -08:00
kevgliss 02991c70a9 Allow Lemur "start" to use the global config. (#596)
* allowing our runserver to use the config specified by -c

* Maintaining config for gunicorn
2016-12-14 13:23:50 -08:00
Marti Raudsepp 71ddbb409c Minor documentation fixes/tweaks (#597)
Mostly typos, grammar errors and inconsistent indentation in code
examples.

Some errors detected using Topy (https://github.com/intgr/topy), all
changes verified by hand.
2016-12-14 09:29:04 -08:00
kevgliss fbcedc2fa0 Specifying a recommended postgres version (#592) 2016-12-13 11:22:10 -08:00
kevgliss 3dad818af2 ensuring our index gets created (#591) 2016-12-13 11:13:44 -08:00
Doppins 5dc0fa91e8 Upgrade dependency boto3 to ==1.4.2 (#550) 2016-12-13 09:53:49 -08:00
kevgliss 565c9ae98d adding missing init (#587) 2016-12-13 09:21:31 -08:00
kevgliss 2d6aa620b4 Attempting to upgrade to node LTS (#585)
* Attempting to upgrade to node LTS

* Updating travis config to node
2016-12-13 08:50:12 -08:00
kevgliss 03d5a6cfe1 Refactors how notifications are generated. (#584) 2016-12-12 11:22:49 -08:00
Doppins a5c47e4fdc Upgrade dependency Flask-Migrate to ==2.0.2 (#582) 2016-12-12 10:42:57 -08:00
Doppins 9581278481 Upgrade dependency cryptography to ==1.7 (#583) 2016-12-12 10:42:45 -08:00
kevgliss 1c3ac21291 Ensuring the digicert session is handled correctly (#579) 2016-12-11 08:38:59 -08:00
Doppins 25faf05807 Upgrade dependency boto to ==2.44.0 (#578) 2016-12-08 17:31:53 -08:00
kevgliss 968dd52f6f Fixes (#576)
* Fixing email notification

* Adding endpoint expiration

* Fixing endpoint type for ELBs

* Allowing verisign to include additional SANs
2016-12-08 15:52:27 -08:00
kevgliss a4b32b0d31 Fixing up notification testing (#575) 2016-12-08 11:33:40 -08:00
kevgliss be1415fbd4 Ensuring new cli is available (#574) 2016-12-08 09:11:19 -08:00
kevgliss b5901a1570 adding needed migration files (#573) 2016-12-07 17:31:59 -08:00
kevgliss bdc6dc8683 Fixing a bug were extensions got a default value (#572) 2016-12-07 17:28:18 -08:00
kevgliss 5087fa67dc skipping a few tests that aren't ready yet (#571) 2016-12-07 16:52:00 -08:00
kevgliss fc205713c8 Certificate rotation enhancements (#570) 2016-12-07 16:24:59 -08:00
kevgliss 9adc5ad59e Adding last updated time (#569) 2016-12-07 15:43:57 -08:00
kevgliss f63ccd033d Ensuring that endpoints without output_schema work as expected (#568) 2016-12-07 15:40:29 -08:00
kevgliss d7c0e2ec35 Ensuring that certificates returned from digicert are in the proper format (#564) 2016-12-06 12:25:52 -08:00
kevgliss 00da52f32e Ensuring that CSRs are correctly validated under python3 (#565) 2016-12-06 12:25:43 -08:00
kevgliss 287c684866 Ensuring that certificates returned from digicert are in the proper format (#564) 2016-12-06 12:10:39 -08:00
kevgliss e94cf6ddc9 Ensuring that certificates returned from digicert are in the proper format (#564) 2016-12-06 12:05:18 -08:00
kevgliss 81272a2f7a Moving validation to server start. (#563) 2016-12-05 16:43:38 -08:00
kevgliss e622a49b72 Adding better error handling around certificate rotation (#562) 2016-12-05 15:12:55 -08:00
kevgliss 9030aed8a4 Ensuring that our syncing process can find duplicate certifcates that do no need to be sync'd (#560) 2016-12-05 11:08:29 -08:00
Doppins eee534a161 Upgrade dependency pytest to ==3.0.5 (#559) 2016-12-05 10:54:54 -08:00
kevgliss 344abbda66 fixing signature (#556) 2016-12-02 13:48:50 -08:00
kevgliss 834814f867 adding additional status code metrics (#555) 2016-12-02 13:02:59 -08:00
kevgliss 7f823a04cd Ensuring that acme and cryptography respect different key types (#554) 2016-12-02 10:54:18 -08:00
kevgliss 0f5e925a1a Ensuring that default-issuer is set (#553) 2016-12-02 09:54:16 -08:00
kevgliss e0c79389ca Allowing tar to be installed without git or other development tools (#552) 2016-12-01 16:20:46 -08:00
kevgliss a40bc65fd4 Default authority. (#549)
* Enabling the specification of a default authority, if no default is found then the first available authority is selected

* PEP8

* Skipping tests relying on keytool
2016-12-01 15:42:03 -08:00
kevgliss 81bf98c746 Enabling RSA2048 and RSA4096 as available key types (#551)
* Enabling RSA2048 and RSA4096 as available key types

* Fixing re-issuance
2016-12-01 15:41:53 -08:00
kevgliss 41b59c5445 adding required variables to digicert issuer (#546) 2016-12-01 10:50:25 -08:00
kevgliss e1bbf9d80c Improving endpoint rotation logic (#545) 2016-11-30 15:11:17 -08:00
Doppins bd2abdf45f Upgrade dependency arrow to ==0.10.0 (#541) 2016-11-30 15:07:36 -08:00
kevgliss abb91fbb65 fixing a few minor issue with cloning (#544) 2016-11-30 10:54:53 -08:00
kevgliss f9b16a2110 csr as string (#542) 2016-11-29 18:50:20 -08:00
kevgliss 588ac1d6a6 Digicert cis fixes (#540) 2016-11-29 17:15:39 -08:00
kevgliss 058d2938fb migrating off of openssl (#539) 2016-11-29 11:30:44 -08:00