3ce8abe46e
Left outer join on domains tables to avoid missing results
2018-11-13 14:33:17 -08:00
29be647911
Merge branch 'master' into no_csr_reissue
2018-11-12 09:54:47 -08:00
a7a05e26bc
Do not re-use CSR during certificate reissuance; Update requirement; Add more logging to celery handler
2018-11-12 09:52:11 -08:00
1643650685
Changing essential part of query
2018-11-07 16:02:04 -08:00
08a2a2b0e5
Optimize certificate filtering by name
2018-11-07 15:34:25 -08:00
52e773230d
Add new gin index to optimize ILIKE queries
2018-11-05 10:29:11 -08:00
50761d9d3b
safer reissue, fix celery sync job
2018-10-29 13:22:50 -07:00
75069cd52a
Add CSR to certificiates
...
Add csr column to certificates field, as pending certificates have
exposed the CSR already. This is required as generating CSR from
existing certificate is will not include SANs due to OpenSSL bug:
https://github.com/openssl/openssl/issues/6481
Change-Id: I9ea86c4f87067ee6d791d77dc1cce8f469cb2a22
2018-10-23 17:46:04 -07:00
73ed5164cd
deps
2018-10-22 14:51:13 -07:00
cc18a68c00
Lemur LetsEncrypt Polling Support
2018-10-11 22:01:05 -07:00
e91d8ec81b
add indexes to domains and certificates tables to optimize load time
2018-10-11 11:36:50 -07:00
50919d85a8
Merge remote-tracking branch 'upstream/master' into improved_verify
2018-09-27 11:19:06 -04:00
590fac4aa8
docstring update in verify.py
2018-09-27 10:11:13 -04:00
652d7f65dd
flake8 tweak
2018-09-27 09:28:21 -04:00
563f0fb9b2
Celery refactoring, celery beat job in configuration
2018-09-17 10:52:12 -07:00
23382b2777
Celery integration
2018-09-13 10:35:54 -07:00
7d42e4ce67
Fix certificate import issues
2018-09-10 10:34:47 -07:00
2815ddf6c8
Moved cert object to be passed to both ocsp/crl methods so we can report in better detail on the certs. Ensured proper returns of False (revoked) True (good) None (unknown) throughout the methods.
2018-08-31 13:34:55 -04:00
34c88494b8
More specific exception catch for cert parsing. line shortening.
2018-08-31 12:19:55 -04:00
7dbca821c3
Reducing the stacked exceptions plus a bit of pep8
2018-08-31 12:01:49 -04:00
1ad61b1550
allow null validity periods
2018-08-17 07:57:55 -07:00
bb026b8b59
Allow LetsEncrypt renewals and requesting certificates without specifying DNS provider
2018-08-13 14:22:59 -07:00
82158aece6
Fill in missing cert rotation_policy; don't ignore validation errors when re-issuing certs
...
CertificateInputSchema requires the rotation_policy field, but
certificates created before the field existed have set to NULL. Thus
saving such certificates failed and probably caused other errors.
Made cert re-issuing (get_certificate_primitives) more strict so such
errors are harder to miss in the future.
2018-08-03 20:06:21 +03:00
d6b482755b
Proper flask_restful boolean parsing.
...
This is documented here: https://github.com/flask-restful/flask-restful/issues/488
2018-07-30 13:49:41 -07:00
f93e938cda
no bare except
2018-07-20 10:53:47 -07:00
5a01840784
Explicit capture exception during create failure
2018-07-20 10:47:19 -07:00
7f3454128d
Adds an optional interval variable to notification service's
...
create_default_expiration_notifications and introduces a new optional
configuration variable, LEMUR_SECURITY_TEAM_EMAIL_INTERVALS, to allow admins
control over the centralized email notification defaults.
2018-07-13 14:08:31 -07:00
0398c6e723
Clean up module imports
...
Example:
* import lemur.common.utils -> from lemur.common import utils
* import sqlalchemy.types as types -> from sqlalchemy import types
2018-07-07 23:56:23 +03:00
d690ea32bc
Cache parsed certificate instead of re-parsing for each field
...
Use @cached_property decorator to cache the results of parse_certificate().
This significantly cuts down on the number of times certs need to be
parsed for a list view.
2018-07-03 17:31:44 +03:00
50846eb682
Expose certificate dateCreated via API
2018-07-02 18:24:18 +03:00
544a02ca3f
Addressing comments. Updating copyrights. Added function to determine authorative name server
2018-05-29 10:23:01 -07:00
a9b9b27a0b
fix tests
2018-05-10 12:58:04 -07:00
52e7ff9919
Allow specification of dns provider name only
2018-05-10 12:58:04 -07:00
f4a010e505
Merge branch 'master' into master
2018-05-09 07:52:07 -07:00
6500559f8e
Fix issue with automatically renewing acme certificates
2018-05-08 14:54:10 -07:00
c26ae16060
fixing docs ( #1231 )
2018-05-08 10:58:48 -07:00
e68b3d2cbd
0.7 release
2018-05-07 09:58:24 -07:00
1be3f8368f
dyn support
2018-05-04 15:01:01 -07:00
3e64dd4653
Additional work
2018-05-04 15:01:01 -07:00
532872b3c6
dns_provider ui
2018-04-27 11:18:51 -07:00
7704f51441
Working acme flow. Pending DNS providers UI
2018-04-24 09:38:57 -07:00
44e3b33aaa
More stuff. Will prioritize this more next week
2018-04-20 14:49:54 -07:00
2d6d2357b5
DNS Providers list returned
2018-04-13 15:50:55 -07:00
b2e6938815
WIP: Add support for Acme/LetsEncrypt with DNS Provider integration
2018-04-13 15:50:54 -07:00
f6fd262618
DNS Providers list returned
2018-04-11 15:56:00 -07:00
f61098b874
WIP: Add support for Acme/LetsEncrypt with DNS Provider integration
2018-04-10 14:28:53 -07:00
8e2b2123f1
Fix filtering on boolean columns, broken with SQLAlchemy 1.2 upgrade
...
SQLAlchemy 1.2 does not allow comparing string values to boolean
columns. This caused errors like:
sqlalchemy.exc.StatementError: (builtins.TypeError) Not a boolean value: 'true'
For more details see http://docs.sqlalchemy.org/en/latest/changelog/migration_12.html#boolean-datatype-now-enforces-strict-true-false-none-values
2018-04-09 18:59:23 +03:00
c3a2781507
Allow quotes for exact match
2018-03-28 08:33:43 -07:00
db746f1296
Adds support for CDLDistributionPoints. ( #1130 )
2018-03-23 08:51:18 -07:00
18c64fafe4
address comment
2018-02-27 12:34:18 -08:00
Curtis Castrapel
Curtis
James Chuong
Non Sequitur
Mike Culbertson
Curtis Castrapel
Marti Raudsepp
Mike Grima
Steven Reiling
kevgliss