1c96ea9ab1
better messaging of exceptions
2020-10-22 17:10:32 -07:00
02c040865d
more meaningful message
2020-10-22 16:05:29 -07:00
8fa90a2ce5
digicert expects also seconds, though not yet honoring it
2020-10-22 16:01:09 -07:00
c60645bec4
improved logging for all responses
2020-10-22 16:00:26 -07:00
c2fe2b5e03
improved logging for all responses
2020-10-22 15:59:59 -07:00
906b3b2337
better handling of status code
2020-10-21 19:52:25 -07:00
4f552cb636
Code cleanup
2020-10-20 12:02:36 -07:00
d6075ebc11
Merge
2020-10-20 11:48:54 -07:00
669a4273c2
Merge branch 'master' of github.com:jtschladen/lemur into sns
2020-10-19 16:29:33 -07:00
e90b08b363
Correct typo and enable Slack notification test
2020-10-16 17:08:44 -07:00
60bb0037f0
Miscellaneous notification fixes and tests
2020-10-16 15:13:12 -07:00
a04cce6044
Initial implementation
2020-10-16 10:40:11 -07:00
503530e935
the test requires region param for sts
2020-10-16 10:32:10 -07:00
11ce540246
formatting
2020-10-16 10:31:19 -07:00
9c04a888d8
adjusting the S3 test
2020-10-16 09:52:04 -07:00
17e528b5dd
adding testing for acme_upload method
2020-10-16 09:50:35 -07:00
d705e3ae3b
expanding the S3 destination plugin to support the acme token upload inteface
2020-10-16 09:49:56 -07:00
7d8eb1c61e
improving test
2020-10-16 09:49:26 -07:00
6aad37e1f9
cleaning up code
2020-10-16 09:49:00 -07:00
d73db59d23
revsering removing region
2020-10-16 09:48:47 -07:00
bfe89e131e
adding delete and put interfaces for the S3 plugin
2020-10-15 18:13:50 -07:00
28381737dc
Removed OU from digicert plugin
2020-10-13 19:40:15 -07:00
817fc3f0fe
Merge branch 'master' into feature/store-acme-account-details
2020-10-11 14:37:31 +02:00
0fc050e17b
Merge branch 'master' into dymanic-digicert-ICAs
2020-10-09 17:53:54 -07:00
42e9b8b627
removing the intermediary from being optional
2020-10-09 15:40:25 -07:00
5a968ffe63
Lint errors
2020-10-09 12:05:57 +02:00
d43e240a2a
dded ELIF at determine_end_date, becuase of error.
2020-10-09 11:41:44 +02:00
a6a4f458e0
added Tests and removed problems in test-setup
2020-10-09 11:35:04 +02:00
1a270cd315
switching from static DigiCert ICAs to dynamic ones to support:
...
https://knowledge.digicert.com/alerts/DigiCert-ICA-Update.html
2020-10-07 20:06:20 -07:00
57534d86cd
Disable account saving by default
2020-10-07 12:28:22 +02:00
8353396940
Improve tests
2020-10-07 12:28:22 +02:00
9abd3e97e7
Add test loading acme account from authority
2020-10-07 12:28:22 +02:00
bf66de0bfd
Add Test for saving the accound details
2020-10-07 12:28:22 +02:00
e0708410d0
Add store_account value to options in test_setup_acme_client_success
2020-10-07 12:28:22 +02:00
eed628dbab
Implement storage of acme account
2020-10-07 12:28:22 +02:00
898b5da661
Add store_account option to acme plugin
2020-10-07 12:28:22 +02:00
e5961146b9
session hook complains about metadata
...
+ consistent language.
2020-09-23 14:22:58 -06:00
cc855e2758
modern python style
2020-09-18 17:16:07 -07:00
416f39222a
testing
2020-09-18 17:02:19 -07:00
fae3793255
entrrust plugin revised
2020-09-18 11:09:32 -07:00
02c7a5ca7c
another round of lint errors
2020-09-14 16:34:56 +02:00
e011cc9251
added several enhancements following advice from peer
2020-09-14 16:24:53 +02:00
9778eb7b25
fixed lint errors
2020-09-14 15:56:02 +02:00
5bb0143da4
lint errors and removed _path from the API-Cert variables
2020-09-14 15:42:36 +02:00
84496b0f55
fixed a few problems
2020-09-14 15:18:46 +02:00
b8e3162c5f
added revoke functionality
2020-09-14 14:20:11 +02:00
b337b27146
added response handler
2020-09-14 12:23:58 +02:00
01678a714f
added required vars check
2020-09-14 09:50:55 +02:00
8adca442e1
Merge branch 'master' into entrust-plugin
2020-09-11 17:11:57 -07:00
09a2a8fc76
Log message change
...
PR comments
2020-09-11 15:53:34 -07:00
1c9c377751
Lint errors
2020-09-11 12:31:15 +02:00
fd52438d61
yet lint errors
2020-09-11 12:30:53 +02:00
de9ad82011
Fixed Lint complaints
2020-09-11 12:24:33 +02:00
a99a84b0b2
entrust plugin inital edit
2020-09-10 16:04:31 +02:00
f47f108f43
ientrust plgin - first version
2020-09-10 16:03:29 +02:00
8ad4448c85
Match date format for comparison + expected new lines
2020-09-01 12:44:49 -07:00
db4f68f0ed
Logs during cert validity truncate for digicert
2020-08-31 18:20:32 -07:00
1b73b1d080
Merge branch 'master' into master
2020-08-19 12:29:02 +02:00
c2116df652
Extended ADCS_TEMPLATE_ Variable
...
If there is a config variable ADCS_TEMPLATE_<upper(authority.name)> take the value as Cert template else default to ADCS_TEMPLATE to be compatible with former versions
2020-08-19 12:25:52 +02:00
6ff8910f87
mention 397 for digicert plugin
2020-08-11 18:53:19 -07:00
d7ca1570be
maximum 1 year validity for digicert
2020-08-11 18:02:42 -07:00
bde2829e72
Modify unit test test_determine_end_date to match new config
2020-08-11 17:10:29 -07:00
7a83799bcd
Cert validity should not exceed 397 days for publicly trusted issuers
2020-08-10 17:30:34 -07:00
3c1d6998fb
Merge branch 'master' into pinning-to-cross-signed-LE-ICA
2020-07-24 10:25:11 -07:00
0fd83d13ae
Fix intermediate CA creation on cryptography plugin
2020-07-23 13:58:32 -07:00
2317967802
lack of an empty config file was resulting into this error
...
```
Traceback (most recent call last):
File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
self.acme.request_certificate(mock_acme, [], mock_order)
File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
2020-07-15 17:04:49 -07:00
d5ae45a0d0
Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore.
...
https://letsencrypt.org/certificates/
Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html
This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
2020-07-14 17:35:13 -07:00
aa11088944
Remove f from non-f string
2020-07-02 16:48:41 +02:00
a7a309136f
fixing whitespace and imports
2020-06-11 14:15:40 -07:00
f834d10f9a
moving ultradns tests to separate file
2020-06-11 14:04:17 -07:00
c3b36d697f
clarification
2020-06-08 15:17:45 -07:00
904bc9d8b6
Merge branch 'master' into improve-expiry-email
2020-05-27 15:28:41 -07:00
8861cc70cb
rewordin
2020-05-26 17:12:47 -07:00
34e3f7c049
improved messaging
2020-05-26 16:38:12 -07:00
cc4fc66c93
Merge branch 'master' into master
2020-05-22 09:57:46 -07:00
8d0007b9c0
fixing the private DNS zone issue.
...
Private hosted zones will never be visible to third-parties like LetsEncrypt, and Lemur should not consider them as authoritative zones.
This fix, make sure they are not added to the dns_provider table.
2020-04-24 15:48:06 -07:00
cee81bd693
updated requirements, fixed unittests, pytest, and distinguidedName ordering
2020-04-09 18:17:05 -07:00
1360d846fd
Improve error logging for a couple of use cases
2020-04-08 11:50:42 -07:00
46e0d1953b
Merge branch 'master' of github.com:Netflix/lemur into powerdnsplugin_02
2020-04-05 21:47:24 -07:00
f82ec24dfa
updating _get_txt_records return values and docstrings
2020-04-05 21:46:33 -07:00
d825616ea6
No need to retry 25 times on DeleteConflict errors
2020-04-01 10:53:17 -07:00
6f3ba23fa0
updating sinlge line of comments
2020-03-30 13:34:24 -07:00
9d9bf9d7ba
Merge branch 'powerdnsplugin_02' of github.com:Netflix/lemur into powerdnsplugin_02
2020-03-30 09:02:56 -07:00
d6cc8a8a9a
fixing whitespace
2020-03-30 09:01:28 -07:00
2b7e60399c
Merge branch 'master' into powerdnsplugin_02
2020-03-27 10:27:33 -07:00
0e314d0028
adding documentation and final cleanup
2020-03-27 10:18:38 -07:00
0149f8b0d3
add support for wildcard and naked domains to PowerDNS module
2020-03-26 22:15:10 -07:00
88c40aa93c
Merge branch 'master' into master
2020-03-23 20:31:16 -07:00
697215f8bc
better handling of destination plugin errors, and also checking cert expiration before upload
2020-03-21 20:05:35 -07:00
7bd5173da4
Merge with Netflix/lemur master
2020-03-20 20:52:33 +03:00
07dc31bed7
cleaning up whitespace changes
2020-03-16 11:41:05 -07:00
1a19e250bb
updating and cleaning up tests
2020-03-16 11:24:17 -07:00
921d52b360
fixing get_dns_challenge() logic so duplicate domains (such as wildcard and not wildcard) do not match the wrong authorziations
2020-03-13 00:03:31 -07:00
be722fb1b3
Fix lint
2020-03-11 20:51:10 +03:00
92a8942727
Fix lint
2020-03-11 15:37:11 +03:00
a6c3b85fe1
Fix lint
2020-03-11 15:15:56 +03:00
ba8e315eed
Fix typo
2020-03-11 14:22:04 +03:00
729ed3843d
Fix bug wth get_options and slash in name
2020-03-11 14:16:29 +03:00
d3cb0b517a
Add format support
2020-03-11 02:27:31 +03:00
ad86cf1fd9
Merge remote-tracking branch 'upstream/master'
2020-03-11 00:29:07 +03:00
e1e7efc96e
Merge branch 'master' into powerdnsplugin_01
2020-03-05 15:25:40 -08:00
771e72187a
updates based on feedback
2020-03-05 15:24:56 -08:00
5dfb6acb17
adding support for ACME_POWERDNS_VERIFY option to support CA Bundles and disabling Server validation
2020-03-05 14:59:21 -08:00
4a4b3b932e
Merge branch 'master' into master
2020-03-04 10:32:10 -08:00
1e81d47793
Merge branch 'renewal_validity_01' of github.com:Netflix/lemur into renewal_validity_01
2020-03-03 17:28:58 -08:00
fdc1e20c23
updating config_mock defaults
2020-03-03 17:27:15 -08:00
38b7d6e5e3
Merge branch 'master' into renewal_validity_01
2020-03-03 14:44:33 -08:00
6c46481ffd
simplifying return statement for validity years
2020-03-03 14:40:50 -08:00
318292704d
fixing default/max DigiCert validity values
2020-03-03 14:29:17 -08:00
fe67ff2146
Update plugin.py
...
Fix lint
2020-03-02 09:18:02 +03:00
a8c0adaa4d
Merge remote-tracking branch 'upstream/master'
2020-02-27 17:08:35 +03:00
9612d291ed
Add path suffix options
2020-02-18 19:16:27 +03:00
2ee60bcdb6
Merge branch 'master' into le_Log_orderurl
2020-02-17 10:30:58 -08:00
e75df1ddc9
Update plugin.py
2020-02-17 19:04:20 +01:00
d29edabefe
Merge branch 'master' into le_Log_orderurl
2020-02-17 09:24:51 -08:00
ed3472d029
Update plugin.py
2020-02-17 15:21:29 +01:00
3fd0d3e141
Added VERISIGN_INTERMEDIATE_<authority> parameter
...
When using the VERISIGN_PRODUCT_<authority> Parameter one also has to add this parameter:
VERISIGN_INTERMEDIATE_<authority> = """ <PEM-String of Issuing CA for this certificate Type>"""
While doing this, I also added code, so the external_id field is filled with data from CA-Answer
2020-02-17 12:40:36 +01:00
1815c89970
Made the change more elegant
...
As suggested by @hosseinsh. This is of course more elegant.
2020-02-16 09:28:52 +01:00
a70a49e4e9
Update plugin.py
2020-02-15 16:11:58 +01:00
3693bc2d8b
removed whitespaces inserted by online editor
2020-02-15 16:09:25 +01:00
bfa953270d
Fixed whitespace error
2020-02-15 16:04:44 +01:00
fabcad1e46
New variable VERISIGN_PRODUCT_(authority.name)
...
If there is a config variable with VERISIGN_PRODUCT_<upper(authority.name)> take the value as Cert product-type
else default to "Server", to be compatoible with former versions.
This enables the use of different Verisign authorities for differnt cert-products eg. EV or Standard Certs
2020-02-15 15:52:24 +01:00
a8e8924e2a
Merge branch 'master' into le_Log_orderurl
2020-02-14 17:10:38 -08:00
8e3cc93d6a
Whitespaces in empty line 113 removed
2020-02-14 07:50:18 +01:00
b521aaf579
Merge branch 'master' into le_Log_orderurl
2020-02-13 16:41:14 -08:00
af21225918
adding logging on sucess and metric submission of URL for certificate issuance
2020-02-13 16:38:33 -08:00
2b849a6520
Update plugin.py
...
making lint happy
2020-02-13 15:58:07 -08:00
9db1ea3307
Merge branch 'master' into master
2020-02-13 12:47:06 -08:00
571c8bf42d
Error when validity_end date is empty #2905
...
this lines of code (114ff) in threw an error, when the validity_end date was empty:
if options.get("validity_end") > arrow.utcnow().shift(years=2):
raise Exception(
"Verisign issued certificates cannot exceed two years in validity"
)
Actually, they are not needed, because immidiately following is a check for an empty validity_end and for the length of the entered period.
When I commented it out for testing, the error was gone and everything worked as expected.
2020-02-13 07:38:04 +01:00
6c7bb5f9b7
Fixed TLS secret format ( #2913 )
...
The Plugin handled the TLS secret format wrong: it sent chain certificate instead of requested public certificate #2913
2020-02-13 07:35:35 +01:00
ca8e73286f
fixed get_domains() to remove duplicate entries, updated usage and tests
2020-02-12 15:10:24 -08:00
b23ae60847
Merge branch 'master' into vault-k8s-auth
2020-02-10 11:12:52 -08:00
bcdb3173bd
ensuring that "3" is set as an integer instead of a string
2020-02-04 18:23:17 -08:00
8ea54d7db2
removing exception if domain zone not found. Logging the issue instead
2020-02-04 14:50:56 -08:00
48bccd6f68
moving _check_config() lower in file, near other private methods
2020-02-03 19:08:28 -08:00
c38e651eb0
Merge branch 'powerdnsplugin_01' of github.com:Netflix/lemur into powerdnsplugin_01
2020-02-03 19:04:05 -08:00
53f81fb09f
updating based on suggestions in 2911
2020-02-03 18:58:31 -08:00
ac0282529e
adding basic logging on success
2020-02-03 11:05:20 -08:00
fecb5b6252
Merge branch 'master' into powerdnsplugin_01
2020-01-31 16:37:57 -08:00
be7736d350
adding dns tests and assorted exception handling
2020-01-31 13:16:37 -08:00
969a7107fe
fixed PowerDNS Tests
2020-01-29 13:12:09 -08:00
ef115ef2b1
moving PowerDNS number_of_attempts to global config variable ACME_POWERDNS_RETRIES
2020-01-29 11:20:39 -08:00
b91899fe99
created CLI options for testin ACME over dns. Examle: `acme dnstest -d _acme-chall.foo.com -t token1`
2020-01-28 19:13:28 -08:00
620f972635
Fixed an error
...
Found out that I introduced an error when I changed code up for publishig. The certserv.py I use does not return the ID of the certificate created. For now I just leave the field empty. I will create another issue , so that the ID is filled up.
2020-01-27 11:04:49 +01:00
c465062673
integrated PowerDNS plugin into dns_providers
2020-01-23 23:53:38 -08:00
bddae6e428
adding PowerDNS delete_txt_record with associated tests
2020-01-22 16:18:52 -08:00
52c7686d58
adding wait_for_dns_change() and tests for PowerDNS ACME plugin
2020-01-21 18:47:21 -08:00
915ec0ba63
added PowerDNS support for create_txt_record and associated tests
2020-01-21 17:08:59 -08:00
acf531ece3
Merge branch 'master' into vault-k8s-auth
2020-01-20 15:18:29 -08:00
3080a9527c
adding PowerDNS get_zones functionality and unit tests
2020-01-17 18:29:37 -08:00
cb7507156c
Merge branch 'master' into vault-k8s-auth
2020-01-17 17:17:53 -08:00
d6f41b6a99
improving string formatting to avoid dangling white spaces and new lines
2020-01-16 13:45:13 -08:00
1ed6ae539d
# possibility to default to a SIGNING_ALGORITHM for a given profile
2020-01-15 16:19:48 -08:00
cd7d9aee55
fixed lint error
2020-01-13 23:09:58 +02:00
8d957f22af
changed file handling
2020-01-13 22:46:34 +02:00
cad56c813e
fixed lint error
2020-01-12 01:51:48 +02:00
409b499217
added kubernetes auth for vault
2020-01-12 01:25:22 +02:00
348682d5ea
Merge branch 'master' into cfssl-key-fix
2020-01-09 10:44:02 -08:00
8be8c95b17
handled cfssl-key type error
2020-01-09 15:16:19 +02:00
1537d591a8
Improved messaging to point out to the Auto Rotate option for certificate issuance and renewal.
2020-01-08 14:42:16 -08:00
45c1207d07
Merge branch 'master' into master
2019-12-27 13:30:56 -05:00
9fb4be1273
remove trailing whitespace
2019-12-27 13:25:03 -05:00
113c9dd657
atlas redis plugin typo cleanup and better exception handling
2019-11-06 10:42:59 -08:00
f803fab413
add plugin to send atlas metric via redis
2019-11-06 10:14:49 -08:00
f077b19126
Merge branch 'master' into master
2019-10-18 11:32:21 -07:00
11f9920ff9
Merge branch 'master' into cert-sync-endpoint-find-by-hash
2019-10-18 11:08:51 -07:00
9037f88430
just in case the path varies
2019-10-18 11:02:41 -07:00
1768aad9e2
capturing no such entity exception.
2019-10-18 10:17:58 -07:00
8aea257e6a
optimizing the call to describe cert to only the few certs with the naming issue
2019-10-18 09:24:49 -07:00
d43e859c34
describing the cert for each endpoint, for better cert search
2019-10-18 08:46:01 -07:00
b5ab87877b
adding retry to acme setup client, since it can experience timeouts or other types of Connection Errors
2019-10-17 10:16:33 -07:00
f0652ca6a9
bug fix for overwriting certificates
2019-10-10 15:49:31 -04:00
477db836f4
lint
2019-09-23 12:52:17 -07:00
86f661a8af
With NLBs the DNS formatting has changed, which resulted in Lemur not getting the region correctly parsed
2019-09-23 12:36:08 -07:00
8c9a1df2cf
Merge branch 'master' into up-dependencies-20Sep2019
2019-09-20 15:19:25 -07:00
a13c45e9cc
updating dependencies, and fixing the deprecated arrow.replaces to shift
2019-09-20 13:49:38 -07:00
1c6fee7292
Allow better DNS autodetection for domains that directly match a DNS hosted zone
2019-08-15 10:52:26 -07:00
5d4413e45c
Merge branch 'master' into ultradnsPlugin
2019-08-09 08:48:24 -07:00
d9aef2da3e
Changed dummy nameserver value
2019-08-07 14:38:18 -07:00
a97283f0a4
Fixed indentation
2019-08-07 14:23:09 -07:00
a6bf081bec
Remove unused import
2019-08-07 14:08:27 -07:00
43f5c8b34e
Fixed indentation
2019-08-07 14:08:06 -07:00
cadf372f7b
Removed hardcoded value from function call
2019-08-07 14:02:10 -07:00
b4f4e4dc24
Added extra check for return value to test_create_txt_record
2019-08-07 13:55:02 -07:00
fa7f71d859
Modified paginate response to dummy values
2019-08-07 13:53:10 -07:00
3ff56fc595
Blank line removed
2019-08-07 13:42:11 -07:00
894502644c
test_wait_for_dns_change fixed!
2019-08-07 13:39:20 -07:00
37a1b55b08
test_delete_txt_record changed to mock get_zone_name and return the value directly instead of executing the function.
2019-08-07 13:27:21 -07:00
31c2d207a2
test_delete_txt_record fixed. Function call was missing earlier
2019-08-07 13:23:05 -07:00
785c1ca73e
test_create_txt_record modified - get_zone_name mocked to return the zone name directly, instead of actually running the function.
2019-08-07 13:20:24 -07:00
f2cbddf9e2
Unit tests for get_zone_name, get_zones
2019-08-07 13:17:16 -07:00
6e84e1fd59
Unit Tests for create_txt_record, delete_txt_record, wait_for_dns_change
2019-08-07 13:04:38 -07:00
ff1f73f985
fixing the plugin test to include authority
2019-08-07 12:05:36 -07:00
bbda9b1d6f
making sure to handle when no config file provided, though we do a check for that
2019-08-07 12:05:13 -07:00
b885cdf9d0
adding multi profile name support with DigiCert plug.
...
This requires that the configs are a dict, with multiple entries, where the key is the name of the Authority used to issue certs with.
DIGICERT_CIS_PROFILE_NAMES = {"sha2-rsa-ecc-root": "ssl_plus"}
DIGICERT_CIS_ROOTS = {"root": "ROOT"}
DIGICERT_CIS_INTERMEDIATES = {"inter": "INTERMEDIATE_CA_CERT"}
Hence, in DB one need to add
1) the corresponding authority table, with digicert-cis-issuer. Note the names here are used to mapping in the above config
2) the corresponding intermediary in the certificate table , with root_aurhority_id set to the id of the new authority_id
2019-08-07 10:24:38 -07:00
a7c2b970b0
Unit testing Part 1
2019-08-05 14:00:22 -07:00
2903799b85
Changed string formatting from "{}".format() to f"{}" for consistency
2019-07-31 14:19:49 -07:00
5a401b2d87
Added the Zone class and Record class to ultradns.py and removed the respective files
2019-07-31 12:04:42 -07:00
fe075dc9f5
Changed function comments to doc strings.
2019-07-31 12:00:31 -07:00
503df999fa
Updated metrics.send to send function named, followed by status, separated by a period
2019-07-31 11:32:04 -07:00
11cd095131
Reduced the number of calls to get_public_authoritative_nameserver by using a variable
2019-07-31 11:12:28 -07:00
3ba7fdbd49
Updated logger to log a dictionary instead of a string
2019-07-31 11:11:39 -07:00
6bf920e66c
Merge branch 'master' into ultradnsPlugin
2019-07-30 14:13:45 -07:00
44bc562e8b
Update ultradns.py
...
Minor logging changes in wait_for_dns_change
2019-07-30 13:08:16 -07:00
3d48b422b5
Removed TODO
2019-07-30 11:39:35 -07:00
3ad791e1ec
Dynamically obtain the authoritative nameserver for the domain
2019-07-29 18:01:28 -07:00
e993194b4f
Check ultraDNS authoritative server first. Upon success, check Googles DNS server.
2019-07-29 14:59:28 -07:00
adabe18c90
metric tags, to be able to track which domains where failing during the LetsEncrypt domain validation
2019-07-25 18:56:28 -07:00
252410c6e9
Updated TTL from 300 to 5
2019-07-22 16:00:20 -07:00
51f3b7dde0
Added the Record class for UltraDNS
2019-07-22 14:23:40 -07:00
0b52aa8c59
Added Zone class to handle ultradns zones
2019-07-22 11:47:48 -07:00
e37a7c775e
Initial commit for the UltraDNS plugin to support Lets Encrypt
2019-07-18 14:29:54 -07:00
0c5a8f2039
Relax celery time limit for source syncing; Ensure metric tags are string
2019-07-01 08:35:04 -07:00
86a1fb41ac
lint fix
2019-06-25 06:56:37 -04:00
55a96ba790
type none
2019-06-24 15:10:10 -04:00
6699833297
fixing empty chain
2019-06-24 13:10:08 -04:00
bbf50cf0b0
updated dest as well as src
2019-06-20 08:26:32 -04:00
02719a1de7
Merge branch 'master' into vault_regex
...
fixed conflicts:
lemur/plugins/lemur_vault_dest/plugin.py
2019-06-19 09:53:08 -04:00
56917614a2
fixing regex to be more flexable
2019-06-19 09:46:44 -04:00
09c7076e79
Handle double data field in API v2
2019-05-22 17:12:10 -04:00
1423ac0d98
More metrics
2019-05-21 12:55:33 -07:00
34c7e5230b
Set a limit on number of retries
2019-05-21 12:52:41 -07:00
68fd1556b2
Black lint all the things
2019-05-16 07:57:02 -07:00
e3c5490d25
Expose exact response from digicert as error
2019-05-15 13:36:40 -07:00
7e92edc70a
Set resolved cert ID before resolving cert; Ignore sentry exceptions when no records on deletion
2019-05-15 11:43:59 -07:00
565142f985
Add soft timeouts to celery jobs; Check for PEM in LE order
2019-05-14 12:52:30 -07:00
e65154b48e
Merge branch 'master' into develop
2019-05-07 07:36:51 -07:00
ef7a8587fe
Merge branch 'lemur_vault_source' of github.com:/alwaysjolley/lemur into lemur_vault_source
2019-05-07 10:06:09 -04:00
b0c8901b0a
lint cleanup
2019-05-07 10:05:01 -04:00
36ce1cc7ef
Merge branch 'master' into lemur_vault_source
2019-05-07 09:41:50 -04:00
fb3f0bd72a
adding Vault Source plugin
2019-05-07 09:37:30 -04:00
a7af3cf8d2
Fix Cloudflare DNS
2019-05-07 03:05:24 +03:00
3a1da72419
nt
2019-04-29 13:57:04 -07:00
6e3f394cff
Updated requirements ; Revert change and require DNS validation by provider
2019-04-29 13:55:26 -07:00
1a90e71884
Move ACME host validation logic prior to R53 host modification
2019-04-26 17:27:44 -07:00
333ba8030a
Ensure hostname is lowercase when comparing DNS challenges. ACME will automatically lowercase the hostname
2019-04-26 15:45:04 -07:00
1a3ba46873
More retry changes
2019-04-26 10:18:54 -07:00
1e64851d79
Strip out self-polling logic and rely on ACME; Enhance ELB logging and retries
2019-04-26 10:16:18 -07:00
8eef95b58e
Merge branch 'master' into expose_verisign_exception
2019-04-25 19:15:55 -07:00
dcdfb32883
Expose verisign exceptions
2019-04-25 19:14:15 -07:00
39584f214b
Process DNS Challenges appropriately (1 challenge -> 1 domain)
2019-04-25 15:12:52 -07:00
2bc604e5a9
Better metrics and error reporting
2019-04-25 13:50:41 -07:00
272285f64a
Better exception handling, logging, and metrics for ACME flow
2019-04-24 15:26:23 -07:00
a801112cf6
Merge branch 'master' into lemur_vault_plugin
2019-04-23 07:07:39 -04:00
85efb6a99e
cleanup tmp files
2019-04-23 07:06:52 -04:00
f9dadb2670
fixing validation
2019-04-22 09:38:44 -04:00
8dccaaf544
simpler validation
2019-04-22 07:58:01 -04:00
1667c05742
removed unused functions
2019-04-18 13:57:10 -04:00
b39e2e3f66
Merge branch 'master' into lemur_vault_plugin
2019-04-18 13:55:45 -04:00
fb3b0e8cd7
adding regex filtering
2019-04-18 13:52:40 -04:00
Hossein Shafagh
Jasmine Schladen
sayali
Mathias Petermann
sirferl
sirferl
Raul Benencia
Javier Ramos
csine-nflx
Curtis Castrapel
Curtis
Chad S
Ilya Makarov
Ilya Makarov
e11it
Hossein Shafagh
jenkins-x-bot
pmelse
Jay Zarfoss
Kush Bavishi
Kush Bavishi
alwaysjolley
Ryan DeShone
alwaysjolley
Daniel Iancu