Commit Graph

1595 Commits

Author SHA1 Message Date
Hossein Shafagh 19b693f636
Update c301c59688d2_.py
language
2020-09-23 10:21:23 -07:00
Hossein Shafagh e3fa072608
Update c301c59688d2_.py
language
2020-09-23 10:17:30 -07:00
sayali 921e8d8236 Add error message to the logs 2020-09-22 18:46:15 -07:00
sayali 9211178e77 Added date-time and modified log file name 2020-09-22 18:31:38 -07:00
sayali 8de9842092 Backfill the key_type column: DB Upgrade 2020-09-22 18:22:45 -07:00
Hossein Shafagh 1632b4b078 making lint happy, running make test-python doesn't run lint 2020-09-18 21:58:53 -07:00
Hossein Shafagh 21e9a4508d TypeError: 'float' object cannot be interpreted as an integer 2020-09-18 17:42:28 -07:00
Hossein Shafagh c892cd5ae1 removing anything that remotely looks like a secret in code to set a good example 2020-09-18 17:38:52 -07:00
Hossein Shafagh cc855e2758 modern python style 2020-09-18 17:16:07 -07:00
Hossein Shafagh edab32d9a1 setting the required entrust configs 2020-09-18 17:03:22 -07:00
Hossein Shafagh 416f39222a testing 2020-09-18 17:02:19 -07:00
Hossein Shafagh fae3793255 entrrust plugin revised 2020-09-18 11:09:32 -07:00
sayali 51549ae795 Adding comment for the property to be removed 2020-09-15 17:37:58 -07:00
sayali d8cca855e8 Merge branch 'master' of github.com:Netflix/lemur into key_type_column 2020-09-15 15:16:13 -07:00
sayali 5ae65c2c4d Remove unused import 2020-09-15 14:55:04 -07:00
sayali 676562ffde Match column type to db schema
No functional change
2020-09-14 18:13:35 -07:00
sayali 02d711282d New column key_type
commenting conflicting property for now
2020-09-14 18:12:33 -07:00
sirferl 02c7a5ca7c another round of lint errors 2020-09-14 16:34:56 +02:00
sirferl e011cc9251 added several enhancements following advice from peer 2020-09-14 16:24:53 +02:00
sirferl 9778eb7b25 fixed lint errors 2020-09-14 15:56:02 +02:00
sirferl 5bb0143da4 lint errors and removed _path from the API-Cert variables 2020-09-14 15:42:36 +02:00
sirferl 84496b0f55 fixed a few problems 2020-09-14 15:18:46 +02:00
sirferl b8e3162c5f added revoke functionality 2020-09-14 14:20:11 +02:00
sirferl b337b27146 added response handler 2020-09-14 12:23:58 +02:00
sirferl 01678a714f added required vars check 2020-09-14 09:50:55 +02:00
Hossein Shafagh 8adca442e1
Merge branch 'master' into entrust-plugin 2020-09-11 17:11:57 -07:00
sayali 09a2a8fc76 Log message change
PR comments
2020-09-11 15:53:34 -07:00
Hossein Shafagh 806aeddd87
Merge branch 'master' into validity 2020-09-11 10:09:01 -07:00
Hossein Shafagh 6e588f9c7b
Merge branch 'master' into validity 2020-09-11 09:06:11 -07:00
sirferl 1c9c377751
Lint errors 2020-09-11 12:31:15 +02:00
sirferl fd52438d61
yet lint errors 2020-09-11 12:30:53 +02:00
sirferl de9ad82011
Fixed Lint complaints 2020-09-11 12:24:33 +02:00
sirferl a99a84b0b2 entrust plugin inital edit 2020-09-10 16:04:31 +02:00
sirferl f47f108f43 ientrust plgin - first version 2020-09-10 16:03:29 +02:00
Hossein Shafagh a7be8b6dce adding support for different types of CSR encodings 2020-09-09 19:54:53 -07:00
Hossein Shafagh 4923157dc2 expanding key_type to with EC support 2020-09-09 19:54:20 -07:00
Hossein Shafagh aff7ad7ea2 testing 2020-09-09 19:53:59 -07:00
Hossein Shafagh 60fd2134ca removing duplicate curves, and marking them in existing mapping 2020-09-09 19:53:35 -07:00
Hossein Shafagh 5ab9626cbd overwriting cn and key_type values from CSR, as they take precedence 2020-09-09 19:52:59 -07:00
Hossein Shafagh 6fa15c4cb3 methods to extract cn and key_type from csr 2020-09-09 19:48:21 -07:00
Hossein Shafagh de0c38e9ba mapping of curve name to key_type 2020-09-09 19:47:51 -07:00
sayali 8ad4448c85 Match date format for comparison + expected new lines 2020-09-01 12:44:49 -07:00
sayali db4f68f0ed Logs during cert validity truncate for digicert 2020-08-31 18:20:32 -07:00
sayali 9c4fb85dc3 Calculate dates from defaultDays in js 2020-08-31 18:19:32 -07:00
Hossein Shafagh d478def98c removing the custom key Type and doing the conversion in the backend 2020-08-31 16:35:47 -07:00
Hossein Shafagh 9a7a632489 using a standard curve for testing 2020-08-28 09:48:35 -07:00
Hossein Shafagh 9671b34485 adding support for all type of ECC curves which existing CA plugins might support 2020-08-27 14:15:14 -07:00
sayali 1fc2e29ab8 Remove 397 days validation as it causes error in API calls
More to come in future
2020-08-27 14:15:14 -07:00
sirferl ab4cda2298 Extended ADCS_TEMPLATE_ Variable
If there is a config variable ADCS_TEMPLATE_<upper(authority.name)> take the value as Cert template else default to ADCS_TEMPLATE to be compatible with former versions
2020-08-27 14:15:14 -07:00
sayali 7a9500eee0 Lint error fix 2020-08-27 14:15:14 -07:00
sayali 5ed109e998 Max end date as per start date + default validity 3 years 2020-08-27 14:15:14 -07:00
sayali 7011a4df8b max date on UI as per max validity configs 2020-08-27 14:15:14 -07:00
sayali 4d7c6844e5 Make Organizational Unit optional 2020-08-27 14:15:14 -07:00
sayali 2645c4a82d mention 397 for digicert plugin 2020-08-27 14:15:14 -07:00
sayali 3cb386cc0f maximum 1 year validity for digicert 2020-08-27 14:15:14 -07:00
sayali e06dea106f Modify unit test test_determine_end_date to match new config 2020-08-27 14:15:14 -07:00
sayali d7d483fa9b Renaming PUBLIC_CA to PUBLIC_CA_AUTHORITY_NAMES 2020-08-27 14:15:14 -07:00
sayali 25125f3257 Cert validity should not exceed 397 days for publicly trusted issuers 2020-08-27 14:15:14 -07:00
sayali 404d213e8f Modified cert description to have cert id being cloned 2020-08-27 14:15:14 -07:00
sayali e75e472a1a Do not inherit replacement info during cert clone 2020-08-27 14:15:14 -07:00
sayali 69b64c63ea Honor selected algorithm during certificate cloning 2020-08-27 14:15:14 -07:00
Hossein Shafagh f4bcd1cf30 lack of an empty config file was resulting into this error
```
Traceback (most recent call last):
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
    self.acme.request_certificate(mock_acme, [], mock_order)
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
    current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
2020-08-27 14:15:14 -07:00
Hossein Shafagh 5a6e4e5b43 Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore.
https://letsencrypt.org/certificates/

Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html

This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
2020-08-27 14:15:14 -07:00
Hossein Shafagh c169ad291e adding the correct signing algorithm, and a missing key Type 2020-08-27 13:29:56 -07:00
sayali 3242fc1e13 Validity with radio buttons 2020-08-26 19:30:12 -07:00
sayali 6aedd3b0d8 Datepicker enhancements 2020-08-25 18:40:36 -07:00
sayali 3efe14c43f Remove 397 days validation as it causes error in API calls
More to come in future
2020-08-25 16:26:20 -07:00
sirferl 4f148f3bc3
Merge branch 'master' into master 2020-08-20 11:33:18 +02:00
sirferl 1b73b1d080
Merge branch 'master' into master 2020-08-19 12:29:02 +02:00
sirferl c2116df652
Extended ADCS_TEMPLATE_ Variable
If there is a config variable ADCS_TEMPLATE_<upper(authority.name)> take the value as Cert template else default to ADCS_TEMPLATE to be compatible with former versions
2020-08-19 12:25:52 +02:00
sayali 5b96b3a032 Lint error fix 2020-08-18 20:03:15 -07:00
sayali 240f0b99c8 Max end date as per start date + default validity 3 years 2020-08-18 19:34:59 -07:00
sayali bc5579e9bf max date on UI as per max validity configs 2020-08-18 14:50:42 -07:00
sayali 5b3f40467b Make Organizational Unit optional 2020-08-18 14:50:42 -07:00
sayali 6ff8910f87 mention 397 for digicert plugin 2020-08-11 18:53:19 -07:00
sayali d7ca1570be maximum 1 year validity for digicert 2020-08-11 18:02:42 -07:00
sayali bde2829e72 Modify unit test test_determine_end_date to match new config 2020-08-11 17:10:29 -07:00
sayali 18a3514974 Renaming PUBLIC_CA to PUBLIC_CA_AUTHORITY_NAMES 2020-08-10 18:06:45 -07:00
sayali 7a83799bcd Cert validity should not exceed 397 days for publicly trusted issuers 2020-08-10 17:30:34 -07:00
Hossein Shafagh 9bcfcebb3a
Merge branch 'master' into bootswatch-fix 2020-08-04 14:09:33 -07:00
sayali 817a4c3d90 Modified cert description to have cert id being cloned 2020-08-03 19:24:06 -07:00
sayali c3d8501401 Do not inherit replacement info during cert clone 2020-08-03 19:23:24 -07:00
sayali c15a2c62d1 Honor selected algorithm during certificate cloning 2020-08-03 19:22:13 -07:00
Hossein Shafagh 3c1d6998fb
Merge branch 'master' into pinning-to-cross-signed-LE-ICA 2020-07-24 10:25:11 -07:00
Raul Benencia 0fd83d13ae Fix intermediate CA creation on cryptography plugin 2020-07-23 13:58:32 -07:00
Hossein Shafagh 2317967802 lack of an empty config file was resulting into this error
```
Traceback (most recent call last):
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
    self.acme.request_certificate(mock_acme, [], mock_order)
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
    current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
2020-07-15 17:04:49 -07:00
Hossein Shafagh d5ae45a0d0 Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore.
https://letsencrypt.org/certificates/

Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html

This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
2020-07-14 17:35:13 -07:00
Hossein Shafagh e0c2f4274e
Merge branch 'master' into patch-1 2020-07-02 10:16:02 -07:00
Javier Ramos aa11088944
Remove f from non-f string 2020-07-02 16:48:41 +02:00
Javier Ramos 1f598e3752
Fix unmatched field in Authorization
The field in the formatted string was not matching the args
2020-07-02 16:41:19 +02:00
Javier Ramos 7a5a5531cc
Raise ValidationError if CSR contains invalid CN
If we supply a CSR that contains an empty field in the Subject, Lemur will crash with an error 500 as the ValueError exception is not captured. This change captures the exception and raises a ValidationError which in this case is a 400 sent back to client. Example to reproduce:

    Subject: C=ZZ, ST=Something, L=, O=My_Org, OU=My_Dept, CN=www.booking.com

The empty L= causes a ValueError which needs to be captured.
2020-07-01 15:44:06 +02:00
Hossein Shafagh 4985744bd8 fixing UnboundLocalError bug 2020-06-11 16:47:37 -07:00
csine-nflx a7a309136f fixing whitespace and imports 2020-06-11 14:15:40 -07:00
csine-nflx f834d10f9a moving ultradns tests to separate file 2020-06-11 14:04:17 -07:00
Hossein Shafagh c40d297735
Merge branch 'master' into ilabun/optimize-certificates-sql 2020-06-09 14:20:31 -07:00
Hossein Shafagh fd3ea2cf46
Merge branch 'master' into json-logging-rotate 2020-06-09 10:58:53 -07:00
Hossein Shafagh 099ebee409
Merge branch 'master' into check-revoke-revised 2020-06-09 10:47:24 -07:00
Hossein Shafagh 62469e518f
Merge branch 'master' into json-logging-rotate 2020-06-09 10:45:57 -07:00
Hossein Shafagh c3b36d697f clarification 2020-06-08 15:17:45 -07:00
Hossein Shafagh 5215a71a6d
Merge branch 'master' into check-revoke-revised 2020-06-04 15:51:48 -07:00
Hossein Shafagh 704e61dd53
Merge branch 'master' into json-logging-rotate 2020-06-04 15:51:24 -07:00
Hossein Shafagh e06c3ea192
Merge branch 'master' into improve-expiry-email 2020-06-04 15:51:17 -07:00
alwaysjolley 1bcc9d5d0d allowing for _ in domains 2020-06-03 13:20:23 -04:00
alwaysjolley 1b8507636b fixing quotes, no escape characters in tests, fixed anchors 2020-06-03 12:49:55 -04:00
alwaysjolley 3ce7cd6c50 fixing escaped string on domain test 2020-06-03 11:34:14 -04:00
alwaysjolley 8658ac531e fixing unittests and allowing for single character domains 2020-06-03 08:08:49 -04:00
alwaysjolley 2a1751ec30 fixing domain validation to account for 2-63 character length and correct character set 2020-06-03 04:56:38 -04:00
Hossein Shafagh 50091cca1d
Merge branch 'master' into ilabun/optimize-certificates-sql 2020-05-27 15:29:47 -07:00
Hossein Shafagh d8948a12d3
Merge branch 'master' into check-revoke-revised 2020-05-27 15:29:19 -07:00
Hossein Shafagh 86c3771044
Merge branch 'master' into json-logging-rotate 2020-05-27 15:28:48 -07:00
Hossein Shafagh 904bc9d8b6
Merge branch 'master' into improve-expiry-email 2020-05-27 15:28:41 -07:00
Hossein Shafagh d95f02d234
Merge branch 'master' into master 2020-05-27 14:25:07 -07:00
Hossein Shafagh 8861cc70cb rewordin 2020-05-26 17:12:47 -07:00
Hossein Shafagh 34e3f7c049 improved messaging 2020-05-26 16:38:12 -07:00
Hossein Shafagh 4eeab91d73 making lint happy 2020-05-22 18:36:39 -07:00
Hossein Shafagh 10dfedee36 making lint happy 2020-05-22 18:33:43 -07:00
Hossein Shafagh 86310ff02d
Merge branch 'master' into check-revoke-revised 2020-05-22 18:25:00 -07:00
Hossein Shafagh 87a53557cd
Merge branch 'master' into json-logging-rotate 2020-05-22 18:24:53 -07:00
Hossein Shafagh 8f16688b0a
Merge branch 'master' into check-revoke-revised 2020-05-22 17:45:50 -07:00
Hossein Shafagh 49a8b80df2 better exception handling when OCSP or CRL or not implemented 2020-05-22 17:36:34 -07:00
Hossein Shafagh c9767b3172 adding logging for revoked certs 2020-05-22 17:32:44 -07:00
Hossein Shafagh 49c4a9c3b2 making the revocation to be scoped based on the authority plugin name 2020-05-22 17:29:30 -07:00
Hossein Shafagh 4923bbf8a7 adding json formatted logging 2020-05-22 16:22:12 -07:00
Hossein Shafagh 09016fd2ee cleaning up the code after more local testing 2020-05-22 16:04:39 -07:00
e11it f83e3f764e
always assign csr_sans to name 2020-05-22 21:52:43 +03:00
Hossein Shafagh 97145b6dee
Merge branch 'master' into ilabun/optimize-certificates-sql 2020-05-22 10:29:28 -07:00
Hossein Shafagh cc4fc66c93
Merge branch 'master' into master 2020-05-22 09:57:46 -07:00
Hossein Shafagh 748268ecd5
Merge branch 'master' into cert-rotation-region-by-region 2020-05-22 09:57:06 -07:00
Hossein Shafagh 2582086d39
Merge branch 'master' into ilabun/optimize-certificates-sql 2020-05-21 15:39:58 -07:00
Hossein Shafagh fd444403bb improved logging.
- adding destination name, fixing broken metric.
2020-05-21 15:32:38 -07:00
Hossein Shafagh 70985f4ff5 revised system arch 2020-05-14 22:37:30 -07:00
Hossein Shafagh cdd9137f4e
Merge branch 'master' into cert-rotation-region-by-region 2020-05-08 15:32:49 -07:00
Hossein Shafagh 529ee04ae7 removing duplicate line 2020-05-08 09:16:46 -07:00
Hossein Shafagh f68900d2b3 improving logging and the possibility of defining which Authorities qualify for auto-rotation 2020-05-07 18:28:01 -07:00
Hossein Shafagh 843ffad60e removing testing comments 2020-05-07 17:10:50 -07:00
Hossein Shafagh 1b6907a404 Certificate rotation region by region
example scheudule:
CELERYBEAT_SCHEDULE = {
    'certificate_rotate': {
        'task': 'lemur.common.celery.certificate_rotate',
        'options': {
            'expires': 180
        },
        'schedule': crontab(minute="*"),
        'kwargs': {'region': 'us-east-1'}
    }
}
2020-05-07 16:28:01 -07:00
Curtis Castrapel 7e97d885df Address comments 2020-04-28 13:16:27 -07:00
Curtis Castrapel 863af7a3e5 Making CLI command ; Running black 2020-04-28 12:16:46 -07:00
Curtis Castrapel 273c3e2793 Celery task to enable autorotate for all certificates attached to endpoints without it enabled 2020-04-28 11:52:43 -07:00
Hossein Shafagh 8d0007b9c0 fixing the private DNS zone issue.
Private hosted zones will never be visible to third-parties like LetsEncrypt, and Lemur should not consider them as authoritative zones.
This fix, make sure  they are not added to the  dns_provider table.
2020-04-24 15:48:06 -07:00
csine-nflx cee81bd693 updated requirements, fixed unittests, pytest, and distinguidedName ordering 2020-04-09 18:17:05 -07:00
Curtis 213b13d3c9
Merge branch 'master' into enhanced_error_loggin 2020-04-08 14:56:51 -04:00
Curtis 2c8dc24fda
Merge branch 'master' into enhanced_error_loggin 2020-04-08 14:51:06 -04:00
Curtis Castrapel 1360d846fd Improve error logging for a couple of use cases 2020-04-08 11:50:42 -07:00
Hossein Shafagh 3b3cec6f8b
Merge branch 'master' into oauth2 2020-04-08 10:12:04 -07:00
Hossein Shafagh eaeec5d757
Merge branch 'master' into imporved-metrics-sources 2020-04-08 09:23:27 -07:00
Curtis Castrapel 11b15e7e23 Clean up docstrings 2020-04-08 08:41:48 -07:00
Curtis Castrapel eb138fc960 Add default celery metrics and logging using celery signals 2020-04-08 08:38:40 -07:00
Hossein Shafagh 45c98a21b3
Merge branch 'master' into imporved-metrics-sources 2020-04-06 16:02:25 -07:00
csine-nflx 46e0d1953b Merge branch 'master' of github.com:Netflix/lemur into powerdnsplugin_02 2020-04-05 21:47:24 -07:00
csine-nflx f82ec24dfa updating _get_txt_records return values and docstrings 2020-04-05 21:46:33 -07:00
David Stipp 5c2a2f8ff2 OAUTH2 fixes
* Use OAUTH2 variable instead of PING while using OAUTH
* Some IDPs require a POST instead of a GET to user data
2020-04-04 11:32:23 -04:00
Hossein Shafagh 5add647148 # emitting the count of certificates on the source 2020-04-03 16:51:24 -07:00
Curtis efb7a33d3e
Merge branch 'master' into castrapel-patch-3 2020-04-01 14:03:17 -04:00
Curtis b4025e6820
Merge branch 'master' into castrapel-patch-3 2020-04-01 13:55:14 -04:00
Curtis 9a939e8281
Merge branch 'master' into castrapel-patch-2 2020-04-01 13:54:39 -04:00
Curtis d825616ea6
No need to retry 25 times on DeleteConflict errors 2020-04-01 10:53:17 -07:00
Curtis e25f97fce7
Bump time limit for clean_source Celery job
For larger accounts, I've hit SoftTimeLimit exceptions before completion of this celery job. Bumping up the time limit on this job.
2020-04-01 10:50:24 -07:00
Curtis 67d24caef5
Remove equivalent destinations when cleaning certificates
Remove equivalent destinations when cleaning certificates. This will prevent Lemur from attempting to re-upload a certificate after it has been cleaned.
2020-04-01 10:31:12 -07:00
csine-nflx 6f3ba23fa0 updating sinlge line of comments 2020-03-30 13:34:24 -07:00
csine-nflx 9d9bf9d7ba Merge branch 'powerdnsplugin_02' of github.com:Netflix/lemur into powerdnsplugin_02 2020-03-30 09:02:56 -07:00
csine-nflx d6cc8a8a9a fixing whitespace 2020-03-30 09:01:28 -07:00
Hossein Shafagh 66183e6bdd
Merge branch 'master' into powerdnsplugin_02 2020-03-27 10:45:15 -07:00
Chad S 2b7e60399c
Merge branch 'master' into powerdnsplugin_02 2020-03-27 10:27:33 -07:00
csine-nflx 0e314d0028 adding documentation and final cleanup 2020-03-27 10:18:38 -07:00
csine-nflx 0149f8b0d3 add support for wildcard and naked domains to PowerDNS module 2020-03-26 22:15:10 -07:00
Hossein Shafagh 2a2499a929 simplifying code 2020-03-26 20:45:00 -07:00
Hossein Shafagh 5206997468 expired is now called for new certs, where the not_after field might be in datetime format, and not comparable to utc 2020-03-26 19:01:07 -07:00
Hossein Shafagh 88c40aa93c
Merge branch 'master' into master 2020-03-23 20:31:16 -07:00
Hossein Shafagh 697215f8bc better handling of destination plugin errors, and also checking cert expiration before upload 2020-03-21 20:05:35 -07:00
Ilya Makarov 7bd5173da4 Merge with Netflix/lemur master 2020-03-20 20:52:33 +03:00
Hossein Shafagh 1d4da0e3d8 another polish 2020-03-17 16:59:09 -07:00
Hossein Shafagh ecca003ab4 improving the documentation and method naming 2020-03-17 16:55:36 -07:00
csine-nflx 9de89ec96a
Merge branch 'master' into new_clean_cert_cli 2020-03-17 13:38:32 -07:00
csine-nflx 07dc31bed7 cleaning up whitespace changes 2020-03-16 11:41:05 -07:00
csine-nflx 1a19e250bb updating and cleaning up tests 2020-03-16 11:24:17 -07:00
Hossein Shafagh 34d23503de fixing the data bug 2020-03-14 20:41:03 -07:00
Hossein Shafagh b28b4f9a28 adding to new cli commands for cleaning certificates from source:
a) either about to expire in X days and not attached to an endpoint
a) or issued since X days but still not attached to an endpoint
2020-03-14 20:19:26 -07:00
Hossein Shafagh c96695c966 refactor 2020-03-14 20:18:07 -07:00
Hossein Shafagh 593c35776c adding new methods for getting pending clean 2020-03-14 20:17:05 -07:00
csine-nflx 921d52b360 fixing get_dns_challenge() logic so duplicate domains (such as wildcard and not wildcard) do not match the wrong authorziations 2020-03-13 00:03:31 -07:00
Ilya Makarov be722fb1b3 Fix lint 2020-03-11 20:51:10 +03:00
Ilya Makarov 92a8942727 Fix lint 2020-03-11 15:37:11 +03:00
Ilya Makarov a6c3b85fe1 Fix lint 2020-03-11 15:15:56 +03:00
Ilya Makarov ba8e315eed Fix typo 2020-03-11 14:22:04 +03:00
Ilya Makarov 729ed3843d Fix bug wth get_options and slash in name 2020-03-11 14:16:29 +03:00
Ilya Makarov d3cb0b517a Add format support 2020-03-11 02:27:31 +03:00
Ilya Makarov ad86cf1fd9 Merge remote-tracking branch 'upstream/master' 2020-03-11 00:29:07 +03:00
csine-nflx e1e7efc96e
Merge branch 'master' into powerdnsplugin_01 2020-03-05 15:25:40 -08:00
csine-nflx 771e72187a updates based on feedback 2020-03-05 15:24:56 -08:00
csine-nflx 5dfb6acb17 adding support for ACME_POWERDNS_VERIFY option to support CA Bundles and disabling Server validation 2020-03-05 14:59:21 -08:00
csine-nflx c0004e506e removing 2 year option from Lemur certificate request form 2020-03-04 14:50:44 -08:00
Hossein Shafagh 4a4b3b932e
Merge branch 'master' into master 2020-03-04 10:32:10 -08:00
csine-nflx 1e81d47793 Merge branch 'renewal_validity_01' of github.com:Netflix/lemur into renewal_validity_01 2020-03-03 17:28:58 -08:00
csine-nflx fdc1e20c23 updating config_mock defaults 2020-03-03 17:27:15 -08:00
csine-nflx 38b7d6e5e3
Merge branch 'master' into renewal_validity_01 2020-03-03 14:44:33 -08:00
csine-nflx 6c46481ffd simplifying return statement for validity years 2020-03-03 14:40:50 -08:00
csine-nflx 318292704d fixing default/max DigiCert validity values 2020-03-03 14:29:17 -08:00
e11it 27a86f5c18
Fix: San values #2921
Not sure is it correct solution
2020-03-03 21:45:33 +03:00
e11it fe67ff2146
Update plugin.py
Fix lint
2020-03-02 09:18:02 +03:00